Solved: Telnet Authentication Proxy

nguyenvinht · ‎05-14-2007

Hi,

For telnet ip authentication proxy, is it true that the router only sends username and password to Radius servers? Not the ip source address of the initiated host. So how does source ip of initiated host get added to the downloaded acl from the Radius server? The router adds it?

Thanks.

smalkeric · ‎05-18-2007

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition.

Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected.

Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected.

http://www.cisco.com/en/US/products/products_security_advisory09186a00805117cb.shtml

View solution in original post

smalkeric · ‎05-18-2007

The Cisco IOS Firewall Authentication Proxy for FTP and/or Telnet Sessions feature in specific versions of Cisco IOS software is vulnerable to a remotely-exploitable buffer overflow condition.

Devices that do not support, or are not configured for Firewall Authentication Proxy for FTP and/or Telnet Services are not affected.

Devices configured with only Authentication Proxy for HTTP and/or HTTPS are not affected.

http://www.cisco.com/en/US/products/products_security_advisory09186a00805117cb.shtml