CVE-2002-0225

Published: May 3, 2002

Modified: Aug 8, 2024

PUBLISHED

Description

tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

4003

vdb-entry

x_refsource_BID

20020130 tac_plus version F4.0.4.alpha on at least Solaris 8 sparc

mailing-list

x_refsource_BUGTRAQ

tacplus-insecure-accounting-files(8061)

vdb-entry

x_refsource_XF

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2002-0225

Description

Affected Products

References