Home » Hacking News » Cisco Secure ACS Management Interface Login Field Buffer Overflow Vulnerability
Cisco Secure ACS Management Interface Login Field Buffer Overflow Vulnerability
by Mario Miri on May 13th, 2003 Some versions os Cisco Secure ACS software do not properly handle supplied input during authentication. It may be possible for a remote attacker to gain unauthorized access to the vulnerable server.
Vulnerable:
Cisco Secure ACS for Windows NT 2.6.4
Cisco Secure ACS for Windows NT 3.0
Cisco Secure ACS for Windows NT 3.0.1
Cisco Secure ACS for Windows NT 3.0.3
Cisco Secure ACS for Windows NT 3.1.1
Solution:
Patch is available from:
http://www.cisco.com/cgi-bin/tablebuild.pl/cs-acs-win
Discovered by:
NSFOCUS Security Team