Vulnerability Database

296,746

Total vulnerabilities in the database

CVE-2002-0225

tac_plus Tacacs+ daemon F4.0.4.alpha, originally maintained by Cisco, creates files from the accounting directive with world-readable and writable permissions, which allows local users to access and modify sensitive files.

Published: May 16, 2002
Updated: Apr 13, 2023
CVE: CVE-2002-0225
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
cisco / tacacs+	f4.0.4alpha	f4.0.4alpha.x

http://online.securityfocus.com/archive/1/253288
http://www.iss.net/security_center/static/8061.php
http://www.securityfocus.com/bid/4003

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo