Cisco IOS software is reported prone to an authentication bypass vulnerability. This vulnerability presents itself in PPP CHAP authentication used by IOS. A remote attacker may bypass authentication to gain unauthorized access to vulnerable device. Cisco non-switch products with product numbers greater than or equal to 1000, AGS/AGS+/CGS/MGS, and CS-500 products are vulnerable to this issue. Another vulnerability related to the issue described above affects Cisco IOS/700 software. This issue can allow a remote attacker to establish an unauthorized PPP connection to a device that is running the vulnerable application. This attack requires the device to be using CHAP authentication and the attacker needs to modify code for a vulnerable PPP/CHAP implementation.