Intrusion Prevention



This indicates an attempt to exploit a buffer overflow vulnerability in Xtacacsd running under freebsd.
The vulnerability is caused by a input parameter check error in the report function. It allows a remote attacker to execute arbitray code on a victim system by sending an excessively long username parameter.

Affected Products

XTACACSD version 4.1.2 and prior.


System compromise: remote code execution.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.