OSVDB ID: 32642

Title: Cisco Secure ACS Crafted HTTP GET Request Remote Overflow

Dates

Disclosure: Jan 05, 2007
Discovery: Unknown
Exploit: Unknown
Solution: Unknown

Description

A buffer overflow exists in Cisco Secure ACS. The CSAdmin service fails to validate HTTP GET requests, resulting in a stack-based overflow. With a specially crafted request, an attacker can cause arbitrary code execution, resulting in a loss of integrity.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Exploit: Exploit Unknown
Disclosure: OSVDB Verified, Vendor Verified
OSVDB: Security Software

Solution

Users of the 3.1 and 3.2 trains should contact the Cisco TAC for a fix. Users of the 3.3 train should upgrade to version 3.3(4) Build 12, as it has been reported to fix this vulnerability. A patch is available for users of the 4.0 train.

Products

Cisco Systems, Inc.

Secure Access Control Server for Windows

3.1
3.2
3.3
4.0

Secure Access Control Server Solution Engine

3.1
3.2
3.3
4.0

References

Credit

Unknown or Incomplete



Direct URL: http://osvdb.org/32642