VAR-200205-0038
Vulnerability from variot - Updated: 2025-04-03 22:40NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server. Cisco Secure ACS is a highly scalable, high-performance access control server that runs on Windows NT/2000 operating systems and Unix variants. It operates as a centralized Remote Access Dial-In User Service (RADIUS) or TACACS+ server system and controls the authentication of users accessing resources through the network. An expired or disabled user who authenticates with the correct credentials will still be able to access the service. The normal, expected behavior is that their access to the service will be denied. It should be noted that only Cisco Secure ACS 3.01 for Windows NT is prone to this issue. The vulnerability is caused by the \"NDSAuth.DLL\" file, this module allows ACS authentication via an external NDS server. < Link: http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml >
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-200205-0038",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "secure access control server",
"scope": "eq",
"trust": 1.6,
"vendor": "cisco",
"version": "3.0.1"
},
{
"model": "secure acs for windows nt",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.0.1"
}
],
"sources": [
{
"db": "BID",
"id": "4048"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "This vulnerability was publicized in a Cisco Security Advisory on February 7th, 2002.",
"sources": [
{
"db": "BID",
"id": "4048"
}
],
"trust": 0.3
},
"cve": "CVE-2002-0241",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2002-0241",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.0,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-4634",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2002-0241",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "CNNVD",
"id": "CNNVD-200205-103",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-4634",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4634"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "NDSAuth.DLL in Cisco Secure Authentication Control Server (ACS) 3.0.1 does not check the Expired or Disabled state of users in the Novell Directory Services (NDS), which could allow those users to authenticate to the server. Cisco Secure ACS is a highly scalable, high-performance access control server that runs on Windows NT/2000 operating systems and Unix variants. It operates as a centralized Remote Access Dial-In User Service (RADIUS) or TACACS+ server system and controls the authentication of users accessing resources through the network. An expired or disabled user who authenticates with the correct credentials will still be able to access the service. The normal, expected behavior is that their access to the service will be denied. \nIt should be noted that only Cisco Secure ACS 3.01 for Windows NT is prone to this issue. The vulnerability is caused by the \\\"NDSAuth.DLL\\\" file, this module allows ACS authentication via an external NDS server. \u003c *Link: http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml* \u003e",
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0241"
},
{
"db": "BID",
"id": "4048"
},
{
"db": "VULHUB",
"id": "VHN-4634"
}
],
"trust": 1.26
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "BID",
"id": "4048",
"trust": 2.0
},
{
"db": "NVD",
"id": "CVE-2002-0241",
"trust": 1.7
},
{
"db": "CNNVD",
"id": "CNNVD-200205-103",
"trust": 0.7
},
{
"db": "XF",
"id": "8106",
"trust": 0.6
},
{
"db": "CISCO",
"id": "20020207 CISCO SECURE ACCESS CONTROL SERVER NOVELL DIRECTORY SERVICE EXPIRED/DISABLED USER AUTHENTICATION VULNERABILITY",
"trust": 0.6
},
{
"db": "VULHUB",
"id": "VHN-4634",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4634"
},
{
"db": "BID",
"id": "4048"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"id": "VAR-200205-0038",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-4634"
}
],
"trust": 0.01
},
"last_update_date": "2025-04-03T22:40:00.058000Z",
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.7,
"url": "http://www.securityfocus.com/bid/4048"
},
{
"trust": 1.7,
"url": "http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln-pub.shtml"
},
{
"trust": 1.7,
"url": "http://www.iss.net/security_center/static/8106.php"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-4634"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-4634"
},
{
"db": "BID",
"id": "4048"
},
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2002-05-29T00:00:00",
"db": "VULHUB",
"id": "VHN-4634"
},
{
"date": "2002-02-07T00:00:00",
"db": "BID",
"id": "4048"
},
{
"date": "2002-02-07T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"date": "2002-05-29T04:00:00",
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2008-09-05T00:00:00",
"db": "VULHUB",
"id": "VHN-4634"
},
{
"date": "2002-02-07T00:00:00",
"db": "BID",
"id": "4048"
},
{
"date": "2005-05-02T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200205-103"
},
{
"date": "2025-04-03T01:03:51.193000",
"db": "NVD",
"id": "CVE-2002-0241"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Cisco Secure ACS NDS Medium failure / Prevent users from still being able to verify vulnerabilities",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
}
],
"trust": 0.6
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "unknown",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200205-103"
}
],
"trust": 0.6
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…