CVE-2006-0485
First published: Wed Feb 01 2006(Updated: )
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco IOS | =12.3ym | |
| Cisco IOS | =12.3yq | |
| Cisco IOS | =12.3xr | |
| Cisco IOS | =12.0xk | |
| Cisco IOS | =12.4t | |
| Cisco IOS | =12.0xr | |
| Cisco IOS | =12.1xm | |
| Cisco IOS | =12.1xi | |
| Cisco IOS | =12.1e | |
| Cisco IOS | =12.3ya | |
| Cisco IOS | =12.1xp | |
| Cisco IOS | =12.1ya | |
| Cisco IOS | =12.1yd | |
| Cisco IOS | =12.2n | |
| Cisco IOS | =12.2zn | |
| Cisco IOS | =12.1xs | |
| Cisco IOS | =12.3xg | |
| Cisco IOS | =12.2zp | |
| Cisco IOS | =12.1xy | |
| Cisco IOS | =12.3xd | |
| Cisco IOS | =12.3xm | |
| Cisco IOS | =12.3xw | |
| Cisco IOS | =12.4mr | |
| Cisco IOS | =12.2xj | |
| Cisco IOS | =12.2su | |
| Cisco IOS | =12.1xz | |
| Cisco IOS | =12.2xh | |
| Cisco IOS | =12.2xg | |
| Cisco IOS | =12.2b | |
| Cisco IOS | =12.1t | |
| Cisco IOS | =12.3xi | |
| Cisco IOS | =12.2yn | |
| Cisco IOS | =12.3yj | |
| Cisco IOS | =12.2xb | |
| Cisco IOS | =12.1xe | |
| Cisco IOS | =12.2xl | |
| Cisco IOS | =12.2ym | |
| Cisco IOS | =12.2yw | |
| Cisco IOS | =12.3yu | |
| Cisco IOS | =12.2yd | |
| Cisco IOS | =12.3xj | |
| Cisco IOS | =12.0xl | |
| Cisco IOS | =12.3t | |
| Cisco IOS | =12.2yb | |
| Cisco IOS | =12.3 | |
| Cisco IOS | =12.2dd | |
| Cisco IOS | =12.2zh | |
| Cisco IOS | =12.1ga | |
| Cisco IOS | =12.1yf | |
| Cisco IOS | =12.2mx | |
| Cisco IOS | =12.1xl | |
| Cisco IOS | =12.2sxb | |
| Cisco IOS | =12.2xw | |
| Cisco IOS | =12.2zc | |
| Cisco IOS | =12.2yt | |
| Cisco IOS | =12.0xh | |
| Cisco IOS | =12.0t | |
| Cisco IOS | =12.1xw | |
| Cisco IOS | =12.2yl | |
| Cisco IOS | =12.2ye | |
| Cisco IOS | =12.1yb | |
| Cisco IOS | =12.2zb | |
| Cisco IOS | =12.1gb | |
| Cisco IOS | =12.2xu | |
| Cisco IOS | =12.1yi | |
| Cisco IOS | =12.3xf | |
| Cisco IOS | =12.1 | |
| Cisco IOS | =12.1yh | |
| Cisco IOS | =12.3yk | |
| Cisco IOS | =12.3yb | |
| Cisco IOS | =12.3yf | |
| Cisco IOS | =12.1ec | |
| Cisco IOS | =12.2xm | |
| Cisco IOS | =12.3yt | |
| Cisco IOS | =12.2xk | |
| Cisco IOS | =12.1xh | |
| Cisco IOS | =12.3xb | |
| Cisco IOS | =12.2zj | |
| Cisco IOS | =12.1xu | |
| Cisco IOS | =12.3yg | |
| Cisco IOS | =12.1xj | |
| Cisco IOS | =12.2zd | |
| Cisco IOS | =12.3xy | |
| Cisco IOS | =12.4 | |
| Cisco IOS | =12.1aa | |
| Cisco IOS | =12.0xn | |
| Cisco IOS | =12.2xc | |
| Cisco IOS | =12.3xe | |
| Cisco IOS | =12.3\(11\)yk2 | |
| Cisco IOS | =12.2yc | |
| Cisco IOS | =12.2ze | |
| Cisco IOS | =12.2xs | |
| Cisco IOS | =12.2bw | |
| Cisco IOS | =12.2yy | |
| Cisco IOS | =12.3\(11\)yl | |
| Cisco IOS | =12.2sz | |
| Cisco IOS | =12.2yu | |
| Cisco IOS | =12.3yx | |
| Cisco IOS | =12.2dx | |
| Cisco IOS | =12.1ez | |
| Cisco IOS | =12.2xd | |
| Cisco IOS | =12.3xq | |
| Cisco IOS | =12.2zl | |
| Cisco IOS | =12.3xh | |
| Cisco IOS | =12.1xq | |
| Cisco IOS | =12.2xq | |
| Cisco IOS | =12.3ys | |
| Cisco IOS | =12.2zf | |
| Cisco IOS | =12.3b | |
| Cisco IOS | =12.3yh | |
| Cisco IOS | =12.2xv | |
| Cisco IOS | =12.2 | |
| Cisco IOS | =12.1xa | |
| Cisco IOS | =12.2sw | |
| Cisco IOS | =12.3xa | |
| Cisco IOS | =12.3yi | |
| Cisco IOS | =12.2yk | |
| Cisco IOS | =12.2sxd | |
| Cisco IOS | =12.2yz | |
| Cisco IOS | =12.2xa | |
| Cisco IOS | =12.1xt | |
| Cisco IOS | =12.1ye | |
| Cisco IOS | =12.3xk | |
| Cisco IOS | =12.1xv | |
| Cisco IOS | =12.2yx | |
| Cisco IOS | =12.2sxe | |
| Cisco IOS | =12.2by | |
| Cisco IOS | =12.2yh | |
| Cisco IOS | =12.2s | |
| Cisco IOS | =12.2xt |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/warp/public/707/cisco-response-20060125-aaatcl.shtml
- http://www.securityfocus.com/bid/16383
- http://securitytracker.com/id?1015543
- http://secunia.com/advisories/18613
- http://www.osvdb.org/34892
- http://www.vupen.com/english/advisories/2006/0337
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24308
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5836
Frequently Asked Questions
What is the severity of CVE-2006-0485?
CVE-2006-0485 is classified as high severity due to the lack of Authentication, Authorization, and Accounting checks in Cisco IOS.
How do I fix CVE-2006-0485?
To fix CVE-2006-0485, you should upgrade to a fixed version of Cisco IOS that addresses the vulnerability.
Who is affected by CVE-2006-0485?
CVE-2006-0485 affects local users of Cisco IOS versions 12.2(14)S prior to 12.2(14)S16 and multiple other releases.
What are the consequences of CVE-2006-0485?
The consequences of CVE-2006-0485 include unauthorized access, allowing local users to execute IOS EXEC commands without proper authorization.
What versions of Cisco IOS are vulnerable to CVE-2006-0485?
CVE-2006-0485 affects several versions of Cisco IOS, including 12.2(14)S before 12.2(14)S16 and other specified releases.
- collector/nvd-historical
- vendor/cisco
- product/ios
- canonical/cisco ios
- collector/nvd-index
- agent/references
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/last-modified-date
- agent/author
- agent/severity
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- version/cisco ios/12.3ym
- version/cisco ios/12.3yq
- version/cisco ios/12.3xr
- version/cisco ios/12.0xk
- version/cisco ios/12.4t
- version/cisco ios/12.0xr
- version/cisco ios/12.1xm
- version/cisco ios/12.1xi
- version/cisco ios/12.1e
- version/cisco ios/12.3ya
- version/cisco ios/12.1xp
- version/cisco ios/12.1ya
- version/cisco ios/12.1yd
- version/cisco ios/12.2n
- version/cisco ios/12.2zn
- version/cisco ios/12.1xs
- version/cisco ios/12.3xg
- version/cisco ios/12.2zp
- version/cisco ios/12.1xy
- version/cisco ios/12.3xd
- version/cisco ios/12.3xm
- version/cisco ios/12.3xw
- version/cisco ios/12.4mr
- version/cisco ios/12.2xj
- version/cisco ios/12.2su
- version/cisco ios/12.1xz
- version/cisco ios/12.2xh
- version/cisco ios/12.2xg
- version/cisco ios/12.2b
- version/cisco ios/12.1t
- version/cisco ios/12.3xi
- version/cisco ios/12.2yn
- version/cisco ios/12.3yj
- version/cisco ios/12.2xb
- version/cisco ios/12.1xe
- version/cisco ios/12.2xl
- version/cisco ios/12.2ym
- version/cisco ios/12.2yw
- version/cisco ios/12.3yu
- version/cisco ios/12.2yd
- version/cisco ios/12.3xj
- version/cisco ios/12.0xl
- version/cisco ios/12.3t
- version/cisco ios/12.2yb
- version/cisco ios/12.3
- version/cisco ios/12.2dd
- version/cisco ios/12.2zh
- version/cisco ios/12.1ga
- version/cisco ios/12.1yf
- version/cisco ios/12.2mx
- version/cisco ios/12.1xl
- version/cisco ios/12.2sxb
- version/cisco ios/12.2xw
- version/cisco ios/12.2zc
- version/cisco ios/12.2yt
- version/cisco ios/12.0xh
- version/cisco ios/12.0t
- version/cisco ios/12.1xw
- version/cisco ios/12.2yl
- version/cisco ios/12.2ye
- version/cisco ios/12.1yb
- version/cisco ios/12.2zb
- version/cisco ios/12.1gb
- version/cisco ios/12.2xu
- version/cisco ios/12.1yi
- version/cisco ios/12.3xf
- version/cisco ios/12.1
- version/cisco ios/12.1yh
- version/cisco ios/12.3yk
- version/cisco ios/12.3yb
- version/cisco ios/12.3yf
- version/cisco ios/12.1ec
- version/cisco ios/12.2xm
- version/cisco ios/12.3yt
- version/cisco ios/12.2xk
- version/cisco ios/12.1xh
- version/cisco ios/12.3xb
- version/cisco ios/12.2zj
- version/cisco ios/12.1xu
- version/cisco ios/12.3yg
- version/cisco ios/12.1xj
- version/cisco ios/12.2zd
- version/cisco ios/12.3xy
- version/cisco ios/12.4
- version/cisco ios/12.1aa
- version/cisco ios/12.0xn
- version/cisco ios/12.2xc
- version/cisco ios/12.3xe
- version/cisco ios/12.3\(11\)yk2
- version/cisco ios/12.2yc
- version/cisco ios/12.2ze
- version/cisco ios/12.2xs
- version/cisco ios/12.2bw
- version/cisco ios/12.2yy
- version/cisco ios/12.3\(11\)yl
- version/cisco ios/12.2sz
- version/cisco ios/12.2yu
- version/cisco ios/12.3yx
- version/cisco ios/12.2dx
- version/cisco ios/12.1ez
- version/cisco ios/12.2xd
- version/cisco ios/12.3xq
- version/cisco ios/12.2zl
- version/cisco ios/12.3xh
- version/cisco ios/12.1xq
- version/cisco ios/12.2xq
- version/cisco ios/12.3ys
- version/cisco ios/12.2zf
- version/cisco ios/12.3b
- version/cisco ios/12.3yh
- version/cisco ios/12.2xv
- version/cisco ios/12.2
- version/cisco ios/12.1xa
- version/cisco ios/12.2sw
- version/cisco ios/12.3xa
- version/cisco ios/12.3yi
- version/cisco ios/12.2yk
- version/cisco ios/12.2sxd
- version/cisco ios/12.2yz
- version/cisco ios/12.2xa
- version/cisco ios/12.1xt
- version/cisco ios/12.1ye
- version/cisco ios/12.3xk
- version/cisco ios/12.1xv
- version/cisco ios/12.2yx
- version/cisco ios/12.2sxe
- version/cisco ios/12.2by
- version/cisco ios/12.2yh
- version/cisco ios/12.2s
- version/cisco ios/12.2xt