PT-2006-1551 · Cisco · Cisco IOS

Published: 2006-02-01 · Updated: 2017-10-11 · CVE-2006-0486

CVSS v2.0: 4.6 (Medium)

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions

Cisco IOS versions 12.2S with maintenance release number 25 and later, 12.3T, and 12.4

Description

The issue allows the reuse of a Tcl Shell process across login sessions of different local users on the same terminal. If the first user does not use tclquit before exiting, subsequent local users may execute unintended commands or bypass AAA command authorization checks.

Recommendations

For Cisco IOS versions 12.2S with maintenance release number 25 and later, ensure that the tclquit command is used before exiting the Tcl Shell to prevent unintended command execution. For Cisco IOS versions 12.3T and 12.4, consider implementing AAA command authorization checks to restrict access to sensitive commands and minimize the risk of exploitation.

Fix


Related Identifiers

CVE-2006-0486

Affected Products

Cisco IOS