Lucene search

[email protected]CVE-2006-4098

HistoryDec 31, 2006 - 5:00 a.m.

CVE-2006-4098

2006-12-3105:00:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2006-4098

cisco

acs

buffer overflow

remote code execution

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.185 Low

EPSS

Percentile

96.1%

JSON

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet.

CPENameOperatorVersion
cisco:secure_access_control_servercisco secure access control servereq3.2
cisco:secure_access_control_servercisco secure access control servereq3.2.2
cisco:secure_access_control_servercisco secure access control servereq3.3.2
cisco:secure_access_control_servercisco secure access control servereq4.0
cisco:secure_access_control_servercisco secure access control servereq3.3\(1\)
cisco:secure_access_control_servercisco secure access control servereq4.0.1
cisco:secure_access_control_servercisco secure access control servereq3.0
cisco:secure_access_control_servercisco secure access control servereq3.2\(1.20\)
cisco:secure_access_control_servercisco secure access control servereq3.1
cisco:secure_access_control_servercisco secure access control servereq3.3.1

CPE	Name	Operator	Version
cisco:secure_access_control_server	cisco secure access control server	eq	3.2
cisco:secure_access_control_server	cisco secure access control server	eq	3.2.2
cisco:secure_access_control_server	cisco secure access control server	eq	3.3.2
cisco:secure_access_control_server	cisco secure access control server	eq	4.0
cisco:secure_access_control_server	cisco secure access control server	eq	3.3\(1\)
cisco:secure_access_control_server	cisco secure access control server	eq	4.0.1
cisco:secure_access_control_server	cisco secure access control server	eq	3.0
cisco:secure_access_control_server	cisco secure access control server	eq	3.2\(1.20\)
cisco:secure_access_control_server	cisco secure access control server	eq	3.1
cisco:secure_access_control_server	cisco secure access control server	eq	3.3.1

Rows per page:

1-10 of 151

References

osvdb.org/36126

secunia.com/advisories/23629

securitytracker.com/id?1017475

www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtml

www.kb.cert.org/vuls/id/477164

www.securityfocus.com/bid/21900

www.vupen.com/english/advisories/2007/0068

exchange.xforce.ibmcloud.com/vulnerabilities/31327

8.2 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.185 Low

EPSS

Percentile

96.1%

JSON

Related for CVE-2006-4098

cisco1 cert1 securityvulns1