For those not on the security mailing list. -----Original Message----- From: Cisco Systems Product Security Incident Response Team [mailto:[EMAIL PROTECTED]] Sent: Thursday, February 07, 2002 10:30 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Cisco Security Advisory: Cisco Secure Access Control Server Novell Directory Service Expired/Disabled User Authentication Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Cisco Secure Access Control Server Novell Directory Service Expired/Disabled User Authentication Vulnerability ========================================================================== Revision 1.0 For Public Release 2002 February 07 08:00 (UTC -0800) ------------------------------------------------------------------------ Summary ======= Specific versions of Cisco Secure Authentication Control Server (ACS) allows authentication of users that have been explicitly disabled or expired in the Novell Directory Services (NDS). There is a software patch that may be applied, and software upgrades will also address this problem. The complete notice will be available at http://www.cisco.com/warp/public/707/ciscosecure-acs-nds-authentication-vuln -pub .shtml FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]