Cisco released earlier a vulnerability note detailing a problem within some Cisco IOS versions that bypasses the command authorization offered by AAA services such as TACACS+. The bypass uses tclsh.
Why a router would need tclsh is a mystery to this handler.
Jan 25th 2006
1 decade ago