From Damir Rajnovic: We updated our unsupported version of TACACS+ server so it is no longer vulnerable to oversized T+ packets. You can download the new version, F4.0.4 alpha, if you follow this URL: ftp://ftp-eng.cisco.com/pub/tacacs A patch was supplied by Solar Designer in his paper analyzing tacacs+ vulnerabilities.
Cisco tac_plus 4.0.3 alpha
Cisco TACACS+ tac_plus Server Malformed Packet Memory Exhaustion DoS
Remote / Network Access
Denial of Service
Loss of Availability
The tac_plus TACACS+ server contains a flaw that may allow a remote denial of service. The issue is triggered when a remote attacker sends a packet whose header length field claims an oversized body: the server attempts to allocate that much memory, runs out, and the service becomes unavailable.
Currently, there are no known workarounds or upgrades to correct this issue. However, Solar Designer has released an unsupported patch to address this vulnerability.
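The allocation pattern behind this issue and the bounds check that closes it, as an added example written for this entry rather than tac_plus's own code; the 4096-byte cap and the sample headers are assumptions, and the 12-byte header layout is the standard TACACS+ one:

```c
#include <stddef.h>
#include <stdint.h>

/* TACACS+ fixed header is 12 bytes; bytes 8..11 are the big-endian body length. */
#define TAC_PLUS_HDR_SIZE 12
/* Hypothetical sane cap on a body; an assumption here, not a value from the advisory. */
#define TAC_PLUS_MAX_BODY 4096u

struct tac_plus_hdr {
    uint8_t  version, type, seq_no, flags;
    uint32_t session_id;
    uint32_t length;   /* body length in host byte order */
};

static uint32_t be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

/* Decode the fixed header; 0 on success, -1 if fewer than 12 bytes arrived. */
int tac_plus_parse_hdr(const uint8_t *buf, size_t n, struct tac_plus_hdr *h)
{
    if (buf == NULL || h == NULL || n < TAC_PLUS_HDR_SIZE) return -1;
    h->version = buf[0]; h->type = buf[1]; h->seq_no = buf[2]; h->flags = buf[3];
    h->session_id = be32(buf + 4);
    h->length     = be32(buf + 8);
    return 0;
}

/* The defect class in the advisory: sizing a buffer straight from h->length lets a
 * single header claim gigabytes. Gate the value before any allocation happens. */
int tac_plus_body_length_ok(const struct tac_plus_hdr *h)
{
    return h->length > 0 && h->length <= TAC_PLUS_MAX_BODY;
}

/* Per-packet verdict: 1 = accept, 0 = reject oversized length, -1 = truncated header. */
int tac_plus_check_packet(const uint8_t *buf, size_t n)
{
    struct tac_plus_hdr h;
    if (tac_plus_parse_hdr(buf, n, &h) != 0) return -1;
    return tac_plus_body_length_ok(&h);
}

/* Constructed sample headers (not captured traffic): version 0xc0, type 1, seq 1,
 * flags 0, session id 1; body length 32 versus 0xffffffff. */
const uint8_t tac_plus_sample_ok[12]   = {0xc0,1,1,0, 0,0,0,1, 0,0,0,32};
const uint8_t tac_plus_sample_huge[12] = {0xc0,1,1,0, 0,0,0,1, 0xff,0xff,0xff,0xff};
```

Applying the check before the read loop that sizes its buffer from the header turns the oversized packet into a rejected connection rather than an allocation the host cannot satisfy.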