Cisco : Security Vulnerabilities, CVEs, Published In December 2006
Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet.
Max CVSS
10.0
EPSS Score
18.51%
Published
2006-12-31
Updated
2017-07-20
Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that at least one issue is a heap-based buffer overflow involving the Tunnel-Password attribute.
Max CVSS
7.8
EPSS Score
2.23%
Published
2006-12-31
Updated
2018-10-30
2 vulnerabilities found