tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-05-16
Updated
2008-09-05
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
Max CVSS
5.0
EPSS Score
0.73%
Published
2000-05-30
Updated
2017-10-10
2 vulnerabilities found