Cisco Secure ACS multiple security vulnerabilities - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Cisco Secure ACS multiple security vulnerabilities
Published: 07.01.2007
Source: BUGTRAQ
SecurityVulns ID: 7012
Type: remote
Level: 6/10
Description: Buffer overflow and DoS on malformed RADIUS packet parsing, buffer overflow on malformed HTTP request.

Affected: CISCO : CiscoSecure ACS 4.0
CVE: CVE-2007-0105 (Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.)

Original document CISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control Server (07.01.2007)

Discuss: Read or add your comments to this news (0 comments)