Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Secure Access Control Server authentication bypass
Published:09.10.2013
Source:
SecurityVulns ID:13348
Type:remote
Threat Level:
5/10
Description:Authentication bypass if EAP-FAST protocol is used.
Affected:CISCO : Secure Access Control Server 4.2
CVE:CVE-2013-3466 (The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID CSCui57636.)
Files:Cisco Secure Access Control Server Remote Command Execution Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod