Bugtraq mailing list archives
cisco nac bypass vulnerability - cisco trust agent
From: thorben schroeder <thorben () gawab com>
Date: Mon, 8 Jan 2007 20:29:23 +0100
hello list, the cisco network admission control system gives an adminitrator the chance to check the clients, whether they have installed certain patches / hotfixes. this check is not reliable. programm version: cisco trust agent 2.0.1.14 (probably all versions) os: windows xp sp2 vendor informed: yes (got only automated feedback mail) severity: low - med vulnerability: the cta checks the patch level only with some registry queries which can be manipulated example: - "Cisco:Host:Hotfix contains KB919007" as posture validation - the KB919007 hotfix is not installed! - copy the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Updates\Windows XP\SP3\KB873339 key and change it into a KB919007 key - result: client is healty regards thorben
Current thread:
- cisco nac bypass vulnerability - cisco trust agent thorben schroeder (Jan 08)
- Re: cisco nac bypass vulnerability - cisco trust agent Stefano Zanero (Jan 08)