Cisco Secure ACS NDS Expired/Disabled User Authentication Vulnerability


A vulnerability has been discovered in Cisco Secure ACS for Windows NT when it has been configured to authenticate users against NDS (Novell Directory Services).

Users whose NDS accounts have expired or been disabled can still authenticate successfully through the service: an expired or disabled user who presents the correct credentials is granted access. The expected behavior is that the account's expired or disabled status in NDS is honored and access is denied, regardless of whether the password is correct.
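To make the failure mode concrete, the following is an added example (not Cisco code, and not taken from the advisory) that models the two behaviors side by side: an authentication gate that checks only the credential, which is what the advisory describes, and the expected gate that also honors the account status held in the directory. The directory is a constructed in-memory dictionary; the attribute names loginDisabled and loginExpirationTime follow NDS/eDirectory naming conventions but are an assumption here, as is the DN layout.

```python
"""Model of the account-status check an AAA front end must perform when it
authenticates against an NDS-style directory.

Added example, not Cisco Secure ACS code. The directory below is constructed
sample data; the attribute names loginDisabled / loginExpirationTime are an
assumption modelled on NDS/eDirectory naming.
"""

import hmac
from datetime import datetime, timezone

# Constructed sample directory keyed by DN. Passwords are kept in clear only
# because this is a toy; a real directory verifies them via a bind.
DIRECTORY = {
    "cn=alice,o=acme": {"password": "s3cret", "loginDisabled": False,
                        "loginExpirationTime": None},
    "cn=bob,o=acme":   {"password": "s3cret", "loginDisabled": True,   # disabled
                        "loginExpirationTime": None},
    "cn=carol,o=acme": {"password": "s3cret", "loginDisabled": False,  # expired
                        "loginExpirationTime": datetime(2001, 1, 1, tzinfo=timezone.utc)},
}


def _password_ok(entry, password):
    # Constant-time comparison so the check itself does not leak timing.
    return hmac.compare_digest(entry["password"].encode(), password.encode())


def authenticate_vulnerable(dn, password, now=None):
    """The behaviour the advisory describes: only the credential is verified,
    so disabled and expired accounts are still accepted."""
    entry = DIRECTORY.get(dn)
    if entry is None:
        return "REJECT"
    return "ACCEPT" if _password_ok(entry, password) else "REJECT"


def authenticate_fixed(dn, password, now=None):
    """Expected behaviour: valid credential AND account enabled AND not expired."""
    now = now or datetime.now(timezone.utc)
    entry = DIRECTORY.get(dn)
    # Unknown user and wrong password return the same result so the response
    # does not reveal which accounts exist.
    if entry is None or not _password_ok(entry, password):
        return "REJECT"
    if entry["loginDisabled"]:
        return "REJECT"
    expires = entry["loginExpirationTime"]
    if expires is not None and now >= expires:
        return "REJECT"
    return "ACCEPT"


def compare_gates(password="s3cret"):
    """Run every sample account through both gates; the rows where the two
    columns differ are exactly the expired/disabled accounts the advisory is
    about."""
    return {dn: (authenticate_vulnerable(dn, password),
                 authenticate_fixed(dn, password))
            for dn in DIRECTORY}


if __name__ == "__main__":
    for dn, (vuln, fixed) in compare_gates().items():
        print(f"{dn:20} vulnerable={vuln:6} fixed={fixed}")
```

The same three accounts (active, disabled, expired, all with a correct password) are what an administrator would want to try against a patched ACS: only the active one should be accepted.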

Only Cisco Secure ACS 3.01 for Windows NT is reported to be affected by this issue.

Exploit: No exploit is required. An attacker who holds the credentials of an expired or disabled NDS account simply authenticates with them.

Remote: Yes

Solution: Cisco released a patch at http://www.cisco.com/pcgi-bin/tablebuild.pl/cs-acs-win. After applying it, confirm the fix by attempting to authenticate with a known disabled account and a known expired account; both should now be rejected.