Cisco IOS VTY Authentication Bypass Vulnerability
BID:25482
Info
| Bugtraq ID: | 25482 |
| Class: | Access Validation Error |
| CVE: | CVE-2007-4632 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 29 2007 12:00AM |
| Updated: | May 07 2015 05:35PM |
| Credit: | An unknown Korean website and a Cisco customer are both credited with the independent discovery of this issue. |
| Vulnerable: | Cisco IOS 12.2SZ, Cisco IOS 12.2SXE, Cisco IOS 12.2SXD, Cisco IOS 12.2SW, Cisco IOS 12.2SV, Cisco IOS 12.2SG, Cisco IOS 12.2SEG, Cisco IOS 12.2SEF, Cisco IOS 12.2SEE, Cisco IOS 12.2SED, Cisco IOS 12.2SEC, Cisco IOS 12.2SEB, Cisco IOS 12.2SEA, Cisco IOS 12.2SE, Cisco IOS 12.2SBC, Cisco IOS 12.2SB, Cisco IOS 12.2S, Cisco IOS 12.2FY, Cisco IOS 12.2FX, Cisco IOS 12.2EY, Cisco IOS 12.2EX, Cisco IOS 12.2EWA, Cisco IOS 12.2EW, Cisco IOS 12.2EU, Cisco IOS 12.2 FZ |
| Not Vulnerable: | Cisco IOS 12.2(37)EY, Cisco IOS 12.2(35)SE, Cisco IOS 12.2(35)EX, Cisco IOS 12.2(31)SG, Cisco IOS 12.2(31)SB, Cisco IOS 12.2(18)SXE4 |
Discussion
Cisco IOS is prone to a remote authentication-bypass vulnerability because the software fails to properly ensure that password authentication is required.
Successfully exploiting this issue allows remote attackers to gain VTY access to vulnerable devices without requiring successful password authentication.
This issue is being tracked by Cisco bug ID CSCsa91175.
Exploit / POC
Attackers use readily available network utilities to exploit this issue.
Solution / Fix
Solution:
Cisco has released an advisory along with fixes to address this issue. Please see the referenced advisory for information on obtaining and applying fixes.
References
References:
- Cisco IOS Homepage (Cisco Systems)
- Cisco Security Response: VTY Authentication Bypass Vulnerability (Cisco)