EUVD-2004-1454

Malware in sbrugna...

CVE-2007-0105

The CVE-2007-0105 issue affects Cisco Secure Access Control Server (ACS) and ACS Solution Engine prior to version 4.1, where the CSAdmin web server mishandles specially crafted HTTP GET requests, causing a stack-based buffer overflow. This allows a remote attacker to execute arbitrary code or cra...

CVE-2004-1458

The CVE-2004-1458 entry concerns Cisco Secure Access Control Server (ACS) 3.2(2) build 15, specifically the CSAdmin web administration interface. The vulnerability allows remote attackers to cause a denial of service (hang) by flooding port 2002 with TCP connections. The available documents confi...

Cisco Secure ACS for Windows CSAdmin vulnerable to buffer overflow via login requests

Overview Cisco Secure ACS for Windows contains a buffer overflow vulnerability that could permit a remote attacker to execute arbitrary code or cause a denial of service. Description Cisco Secure ACS for Windows is an authentication, authorization, and accounting AAA server. From Cisco Security...

CVE-2002-0159

The vulnerability CVE-2002-0159 affects Cisco Secure Access Control Server (ACS) for Windows (2.6.x and earlier; 3.x through 3.01 build 40). A format string flaw in the CSADMIN module allows remote attackers to crash the administration function or execute arbitrary code via crafted format strings...

CVE-2000-1054

Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.42 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet...

Cisco Secure ACS for Windows NT 2.42 - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/1705/info Depending on the data entered, CiscoSecure ACS for Windows NT can be made to crash or arbitrary code execution can be made possible if an unusually long packet is sent to port 2002. If the application were to crash due to an oversized packet, th...