Vigil@nce - Cisco IOS, IOS XE: bypassing NTP access-group
July 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can bypass NTP access-group of Cisco IOS or IOS XE, in
order to access to the NTP service.
Impacted products: IOS, IOS XE, Cisco Router xx00 Series
Severity: 2/4
Creation date: 09/07/2014
DESCRIPTION OF THE VULNERABILITY
The access-group command defines the NTP service access.
However, an attacker can bypass this configuration.
An attacker can therefore bypass NTP access-group of Cisco IOS or
IOS XE, in order to access to the NTP service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Cisco-IOS-IOS-XE-bypassing-NTP-access-group-15015