Buffer Overflow in Cisco Secure Access Control Server CSAdmin Service
CVE-2007-0105

Currently unrated

Key Information:

Vendor: Cisco
Status: Secure Access Control Server
Vendor: CVE Published:; 9 January 2007

Summary

A stack-based buffer overflow vulnerability exists in the CSAdmin service of Cisco Secure Access Control Server (ACS) for Windows prior to version 4.1 and ACS Solution Engine prior to version 4.1. Attackers can exploit this vulnerability by sending specially crafted HTTP GET requests, which may allow them to execute arbitrary code remotely on the affected system.

References

http://secunia.com/advisories/23629

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/21900

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/31323

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Jan 9, 2007
Vulnerability Reserved
Jan 8, 2007