Cisco IOS Easy VPN Server XAUTH Authentication Bypass Vulnerability
BID:13031
Info
| Bugtraq ID: | 13031 |
| Class: | Design Error |
| CVE: | CVE-2005-1057 |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 06 2005 12:00AM |
| Updated: | Jul 12 2009 11:57AM |
| Credit: | This issue was reported by the vendor. |
| Vulnerable: | Cisco IOS 12.3YK, Cisco IOS 12.3YJ, Cisco IOS 12.3YI, Cisco IOS 12.3YH, Cisco IOS 12.3YG, Cisco IOS 12.3YF, Cisco IOS 12.3YD, Cisco IOS 12.3YC, Cisco IOS 12.3YA, Cisco IOS 12.3XY, Cisco IOS 12.3XX, Cisco IOS 12.3XW, Cisco IOS 12.3XU, Cisco IOS 12.3XT, Cisco IOS 12.3XS, Cisco IOS 12.3XR, Cisco IOS 12.3XQ, Cisco IOS 12.3XN, Cisco IOS 12.3XM, Cisco IOS 12.3XL, Cisco IOS 12.3XK, Cisco IOS 12.3XJ, Cisco IOS 12.3XI, Cisco IOS 12.3XH, Cisco IOS 12.3XG, Cisco IOS 12.3XF, Cisco IOS 12.3XE, Cisco IOS 12.3XD, Cisco IOS 12.3XC, Cisco IOS 12.3XB, Cisco IOS 12.3XA, Cisco IOS 12.3T, Cisco IOS 12.3BW, Cisco IOS 12.3BC, Cisco IOS 12.3B, Cisco IOS 12.3, Cisco IOS 12.2ZP, Cisco IOS 12.2ZN, Cisco IOS 12.2ZL, Cisco IOS 12.2ZK, Cisco IOS 12.2ZJ, Cisco IOS 12.2ZH, Cisco IOS 12.2ZG, Cisco IOS 12.2ZF, Cisco IOS 12.2ZE, Cisco IOS 12.2ZD, Cisco IOS 12.2ZC, Cisco IOS 12.2ZB, Cisco IOS 12.2YY, Cisco IOS 12.2YX, Cisco IOS 12.2YW, Cisco IOS 12.2YV, Cisco IOS 12.2YU, Cisco IOS 12.2YT, Cisco IOS 12.2YR, Cisco IOS 12.2YQ, Cisco IOS 12.2YP, Cisco IOS 12.2YN, Cisco IOS 12.2YM, Cisco IOS 12.2YL, Cisco IOS 12.2YJ, Cisco IOS 12.2YH, Cisco IOS 12.2YG, Cisco IOS 12.2YF, Cisco IOS 12.2YD, Cisco IOS 12.2YB, Cisco IOS 12.2YA, Cisco IOS 12.2XZ, Cisco IOS 12.2XW, Cisco IOS 12.2XM, Cisco IOS 12.2XL, Cisco IOS 12.2XK, Cisco IOS 12.2XJ, Cisco IOS 12.2T, Cisco IOS 12.2SY, Cisco IOS 12.2SXD, Cisco IOS 12.2SXB, Cisco IOS 12.2SXA, Cisco IOS 12.2SX, Cisco IOS 12.2SU, Cisco IOS 12.2JK, Cisco IOS 12.2CZ, Cisco IOS 12.2CY, Cisco IOS 12.2CX, Cisco IOS 12.2BZ, Cisco IOS 12.2BY, Cisco IOS 12.2BX, Cisco IOS 12.2BC, Cisco IOS 12.2B |
| Not Vulnerable: | |
Discussion
Cisco IOS Easy VPN Server is reported prone to an authentication bypass vulnerability. This issue can allow remote attackers to bypass Extended Authentication (XAUTH) and gain unauthorized access to resources.
An unauthorized attacker may send certain malformed UDP packets to UDP port 500 to complete XAUTH authentication and gain unauthorized access to network resources.
Exploit / POC
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Solution / Fix
Solution:
Cisco has provided a fix matrix for IOS in the attached advisory. Please refer to the advisory for further information. Cisco fixes may be obtained by customers through the regular update channels.