Cisco Secure ACS EAP-Response报文解析拒绝服务漏洞

BUGTRAQ ID: 30997 CVE ID：CVE-2008-2441 CNCVE ID：CNCVE-20082441 Cisco Secure ACS是一款Cisco网络设备的中央管理平台，用于控制设备的认证和授权。 Cisco Secure ACS不正确解析EAP-Response报文长度，远程攻击者可以利用漏洞对服务程序进行拒绝服务攻击或可能导致任意代码执行。 远程攻击者作为RADIUS客户端可以针对Cisco Secure...

Cisco Secure ACS EAP Parsing Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Response: Cisco Secure ACS Denial Of Service Vulnerability http://www.cisco.com/warp/public/707/cisco-sr-20080903-csacs.shtml Revision 1.0 ============ For Public Release 2008 September 03 1600 UTC GMT Cisco Response ============== This...

Cisco Secure ACS Denial Of Service Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Response: Cisco Secure ACS Denial Of Service Vulnerability http://www.cisco.com/warp/public/707/cisco-sr-20080903-csacs.shtml Revision 1.0 ============ For Public Release 2008 September 03 1600 UTC GMT Cisco Response ============== This...