30 matches found
CVE-1999-0734
A default configuration of CiscoSecure Access Control Server ACS allows remote users to modify the server database without authentication...
EUVD-1999-0715
Malware in sbrugna...
EUVD-2002-0927
Malware in sbrugna...
EUVD-2000-1041
Malware in sbrugna...
EUVD-2000-1043
Malware in sbrugna...
EUVD-2000-1042
Malware in sbrugna...
Cisco Secure ACS for Windows NT 2.42 Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1705/info Depending on the data entered, CiscoSecure ACS for Windows NT can be made to crash or arbitrary code execution can be made possible if an unusually long packet is sent to port 2002. If the application were to...
Cisco Aironet AP1x00 Malformed HTTP GET Denial of Service Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8290/info Cisco Aironet AP1x00 series devices are prone to a denial of service vulnerability upon receipt of a malformed HTTP GET request. Such a request will cause the device to reload. !/usr/bin/perl Cisco Global...
Multiple Cisco Products Vulnerabilities Exploit (Cisco Global Exploiter)
No description provided by source. !/usr/bin/perl Cisco Global Exploiter Legal notes : The BlackAngels staff refuse all responsabilities for an incorrect or illegal use of this software or for eventual damages to others systems. www blackangels it Modules use Socket; use IO::Socket; Main ...
CiscoSecure ACS for Windows CSAdmin Login Overflow DoS
The remote web server crashed when the 'login.exe' CGI received a too login query string. This leads to a denial of service or even execution of arbitrary code. Some versions of Cisco Secure ACS web server are known to be vulnerable to this flaw. This script was written by Xue Yong Zhi Rewritten ...
CVE-2002-0938
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe...
CVE-2002-0938
CVE-2002-0938 describes a cross-site scripting vulnerability in CiscoSecure ACS 3.0, allowing remote attackers to execute arbitrary scripts or HTML as other web users via the action parameter in a link to setup.exe. The available sources reiterate the same description but do not provide additiona...
CVE-2002-0938
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe...
XSS in CiscoSecure ACS v3.0
sMax. Security Advisory ------------------------------- Title: Cross-Site Scripting in CiscoSecure ACS v3.0 Date: June 14, 2002 PRODUCT AFFECTED: CiscoSecure ACS v3.0 Win32 PRODUCT OVERVIEW: CiscoSecure ACS is Cisco's implementation of RADIUS. v3.0 is the current release of the product. Taken fro...
CiscoSecure ACS crossite scripting
Crossite scripting in web interface requires authentication...
CVE-2000-1055
CVE-2000-1055 corresponds to a buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier. The vulnerability can be triggered by processing a large TACACS+ packet, enabling remote attackers to cause a denial of service and potentially execute arbitrary commands. The linked sources (NVD, CVE rec...
CVE-2000-1054
CVE-2000-1054 affects CiscoSecure ACS Server 2.4(2) and earlier, via the CSAdmin module. A buffer overflow in processing a large packet may allow remote denial of service and possibly arbitrary command execution. The provided documents do not specify mitigation or patch details.
CVE-2000-1056
CiscoSecure ACS Server 2.42 and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords...
CVE-2000-1055
Buffer overflow in CiscoSecure ACS Server 2.42 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet...
CVE-2000-1056
CiscoSecure ACS Server 2.4(2) and earlier versions are affected by an LDAP authentication bypass when the LDAP server allows null passwords. The vulnerability allows remote attackers to bypass authentication and access the server, with partial impact to confidentiality, integrity, and availabilit...