Bugtraq mailing list archives

Cisco Clean Access Agent (Perfigo) bypass

From: llhansen-bugtraq () adams edu
Date: 19 Aug 2005 16:30:24 -0000

Description: 
Cisco Clean Access is an easily deployed software solution that can automatically detect, isolate, and clean infected 
or vulnerable devices that attempt to access your network. It identifies whether networked devices such as laptops, 
personal digital assistants, even game consoles are compliant with your network's security policies and repairs any 
vulnerabilities before permitting access to the network. 

Vendor site:
http://www.cisco.com/en/US/products/ps6128/

Affected versions: 
This works in at least 3.5.3.1 and 3.5.4.

Discovery Date: 
2005-08-12

Report Date: 
2005-08-19

Severity:
Medium

Vulnerability: 
End users can bypass the "mandatory" installation of the Clean Access Agent by changing the User-Agent string of their 
browser. This allows them to connect to the network without the host-based checks being run. If configured, remote 
checks are still run.

Current thread:

Cisco Clean Access Agent (Perfigo) bypass llhansen-bugtraq (Aug 19)
- <Possible follow-ups>
- RE: Cisco Clean Access Agent (Perfigo) bypass Dario Ciccarone (dciccaro) (Aug 22)
- RE: Cisco Clean Access Agent (Perfigo) bypass Dario Ciccarone (dciccaro) (Aug 22)
- Re: RE: Cisco Clean Access Agent (Perfigo) bypass cdmiller-bugtraq (Aug 22)