High

CVE-2003-0210 - Unspecified vulnerability in Cisco Secure Access Control Server

Publication: 2003-05-12
Summary

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002.

Risk level (CVSS 7.5)

High

7.5

Access Vector

  • Network
  • Adjacent Network
  • Local

Access Complexity

  • Low
  • Medium
  • High

Authentication

  • None
  • Single
  • Multiple

Confident. Impact

  • Complete
  • Partial
  • None

Integrity Impact

  • Complete
  • Partial
  • None

Affected Products

  • Cisco Secure Access Control Server 2.1
  • Cisco Secure Access Control Server 2.3
  • Cisco Secure Access Control Server 2.4
  • Cisco Secure Access Control Server 2.5
  • Cisco Secure Access Control Server 2.6
  • Cisco Secure Access Control Server 2.6.2
  • Cisco Secure Access Control Server 2.6.3
  • Cisco Secure Access Control Server 2.6.4
  • Cisco Secure Access Control Server 3.0
  • Cisco Secure Access Control Server 3.0.1
  • Cisco Secure Access Control Server 3.0.3
  • Cisco Secure Access Control Server 3.1.1