Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Cisco :: c07-1731.htm

cisco nac bypass vulnerability - cisco trust agent



cisco nac bypass vulnerability - cisco trust agent
cisco nac bypass vulnerability - cisco trust agent



hello list,
the  cisco  network  admission control system gives an adminitrator the
chance  to  check  the  clients,  whether  they have installed certain
patches / hotfixes. this check is not reliable.

programm version: cisco trust agent 2.0.1.14 (probably all versions)
os: windows xp sp2
vendor informed: yes (got only automated feedback mail)
severity: low - med

vulnerability:  the cta checks the patch level only with some registry
queries which can be manipulated

example:
- "Cisco:Host:Hotfix contains KB919007" as posture validation
- the KB919007 hotfix is not installed!
- copy the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows
XP\SP3\KB873339 key and change it into a KB919007 key
- result: client is healty

regards
thorben



TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH