
Cisco Secure ACS fails to apply restrictions set via Novell's NDS
8th Feb 2002 [SBWID-5078]


	Cisco Secure ACS version 3.0.1, configured for NDS


	In Cisco Security Advisory [Cisco Bug ID CSCdw46931]:


	Specific versions of Cisco Secure Authentication Control Server (ACS)
	allow authentication of users that have been explicitly disabled or
	expired in the Novell Directory Services (NDS).


	Users who are marked as "expired" or "disabled" on the NDS database
	will still authenticate if their credentials are otherwise correct. The
	file "NDSAuth.DLL" is a module which allows ACS authentication to be
	handled by an external NDS server. Versions of this file with the date
	2001-Dec-15 ignore the "Disabled" or "Expired" state of these users
	on NDS. Authentication attempts by users with a Disabled or Expired
	status on the NDS server should be refused, but are permitted due to
	this vulnerability.
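
An added example, not part of Cisco's advisory: a review script that cross-references passed authentications against directory account state to find logins that should have been refused. Both CSV layouts, their column names and all sample rows are constructed for illustration and do not reflect a real ACS or NDS export format.

```python
import csv
import io
from datetime import datetime

# Constructed sample: directory account state (hypothetical columns).
NDS_EXPORT = """username,login_disabled,expires
alice,false,
bob,true,
carol,false,2002-01-15T00:00:00
dave,false,2002-03-01T00:00:00
"""

# Constructed sample: passed-authentication records (hypothetical columns).
PASSED_AUTHS = """timestamp,username,nas_ip
2002-01-20T08:02:11,alice,192.0.2.10
2002-01-20T09:14:40,BOB,192.0.2.10
2002-01-10T17:30:00,carol,192.0.2.11
2002-01-22T07:45:09,carol,192.0.2.11
2002-01-23T11:00:00,dave,192.0.2.12
2002-01-24T12:00:00,erin,192.0.2.12
"""

def load_accounts(text):
    """Map lower-cased username -> (disabled flag, expiry datetime or None)."""
    accounts = {}
    for row in csv.DictReader(io.StringIO(text)):
        expires = datetime.fromisoformat(row["expires"]) if row["expires"] else None
        disabled = row["login_disabled"].strip().lower() == "true"
        accounts[row["username"].strip().lower()] = (disabled, expires)
    return accounts

def suspicious_logins(accounts_text, auths_text):
    """Return (timestamp, user, reason) for each login that should have been refused."""
    accounts = load_accounts(accounts_text)
    findings = []
    for row in csv.DictReader(io.StringIO(auths_text)):
        user = row["username"].strip().lower()
        if user not in accounts:
            continue  # not a directory account (e.g. another user database)
        disabled, expires = accounts[user]
        when = datetime.fromisoformat(row["timestamp"])
        if disabled:
            # The flag is current state; confirm when it was set before escalating.
            findings.append((row["timestamp"], user, "disabled"))
        elif expires is not None and when >= expires:
            findings.append((row["timestamp"], user, "expired"))
    return findings

if __name__ == "__main__":
    for finding in suspicious_logins(NDS_EXPORT, PASSED_AUTHS):
        print(*finding)
```
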



	The patch for this vulnerability can be downloaded from the following
	location if you are logged in with a valid CCO user account:


