virus logo Intrusion Prevention

Xtacacsd.FreeBSD.Username.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer overflow vulnerability in Xtacacsd running under freebsd.
The vulnerability is caused by a input parameter check error in the report function. It allows a remote attacker to execute arbitray code on a victim system by sending an excessively long username parameter.

affected-products-logoAffected Products

XTACACSD version 4.1.2 and prior.

Impact logoImpact

System compromise: remote code execution.

recomended-action-logoRecommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

Version Updates

Date Version Detail
2020-10-22 16.948 Name:FreeBSD.
Xtacacsd.
Username.
Buffer.
Overflow:Xtacacsd.
FreeBSD.
Username.
Buffer.
Overflow
ID 15426
Created Feb 19, 2008
Updated Jun 09, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Default Action drop
Active
Affected OS BSD
Affected App Other