Bugtraq mailing list archives
Re: cisco nac bypass vulnerability - cisco trust agent
From: Stefano Zanero <s.zanero () securenetwork it>
Date: Mon, 08 Jan 2007 22:35:30 +0100
thorben schroeder wrote:
the cisco network admission control system gives an adminitrator the chance to check the clients, whether they have installed certain patches / hotfixes. this check is not reliable.
This is a known vulnerability of any system of NAC which trusts a client based agent. Since you cannot determine what program is running on the remote system, you cannot really trust what it is declaring. So, nothing really new in what you reported (you could also reverse engineer and write a client which answers the server exactly what it wants to hear). The point is knowing and accepting the unavoidable limits of such technologies. Stefano
Current thread:
- cisco nac bypass vulnerability - cisco trust agent thorben schroeder (Jan 08)
- Re: cisco nac bypass vulnerability - cisco trust agent Stefano Zanero (Jan 08)