[cisco-ttl] FW: Cisco Security Advisory: Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability

From: Ağ ve Güvenlik Müh. - GAT (sustundag@tepum.com.tr)
Date: Fri Apr 25 2003 - 09:54:30 GMT

  • Next message: Pasa Bakac: "[cisco-ttl] dialup baglanti"

    Title: Cisco Security Advisory: Cisco Secure Access Control Server for
               Windows Admin Buffer Overflow Vulnerability
    URL:
    http://www.cisco.com/warp/customer/707/cisco-sa-20030423-ACS.shtml
               (available to registered users)
    http://www.cisco.com/warp/public/707/cisco-sa-20030423-ACS.shtml
               (available to non-registered users)
    Posted: April 23, 2003

    Summary: Cisco Secure ACS for Windows is vulnerable to a buffer overflow
               on the administration service which runs on TCP port 2002.
    Exploitation
               of this vulnerability results in a Denial of Service, and can
               potentially result in system administrator access. Cisco is
               providing repaired software, and customers are recommended to
               install patches or upgrade at their earliest opportunity.
    Workarounds
               can be implemented, and consist of blocking external access to
               port 2002 on the ACS.






    This archive was generated by hypermail 2.1.5 : Fri Apr 25 2003 - 13:50:52 GMT