EUVD-2013-3401

Malware in sbrugna...

Cisco Secure Access Control Server for Windows Remote Code Execution

The version of Cisco Secure Access Control Server for Windows 4.x is earlier than 4.2.1.15.11. It is, therefore, potentially affected by a remote code execution vulnerability. Due to improper parsing of user identities used for EAP-FAST authentication, a remote, unauthenticated attacker could...

CISCO vulnerability allows remote attacker to take control of Windows system

Cisco has fixed a critical vulnerability in Secure Access Control Server for Windows that could allow remote attackers to execute arbitrary commands and take control of the underlying operating system. Cisco Secure ACS is an application that allows companies to centrally manage access to network...

CISCO vulnerability allows remote attacker to take control of Windows system

Cisco has fixed a critical vulnerability in Secure Access Control Server for Windows that could allow remote attackers to execute arbitrary commands and take control of the underlying operating system. Cisco Secure ACS is an application that allows companies to centrally manage access to network...

CVE-2013-3466

The EAP-FAST authentication module in Cisco Secure Access Control Server ACS 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID...