Buffer Overflow Vulnerability in Cisco Security Agent by Cisco
CVE-2004-1112

Currently unrated

Key Information:

Vendor: Cisco
Status: Security Agent; Stormwatch
Vendor: CVE Published:; 10 January 2005

Summary

A buffer overflow vulnerability exists in Cisco Security Agent prior to version 4.0.3 build 728, which can be exploited by remote attackers. The vulnerability is triggered when the process waits for a user response for up to five minutes, allowing attackers to send additional malicious payloads during this interval and potentially bypass the protective measures in place. This loophole poses significant risks to system integrity and security as it undermines the intended buffer overflow protection mechanisms.

References

http://www.securityfocus.com/bid/11659

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/18037

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/cisco-sa-20041111-cs...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jan 10, 2005
Vulnerability Reserved
Nov 30, 2004