Vulnerabilities > Cisco > Secure Access Control Server > 3.2.1.20
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2013-08-29 | CVE-2013-3466 | Improper Authentication vulnerability in Cisco Secure Access Control Server The EAP-FAST authentication module in Cisco Secure Access Control Server (ACS) 4.x before 4.2.1.15.11, when a RADIUS server configuration is enabled, does not properly parse user identities, which allows remote attackers to execute arbitrary commands via crafted EAP-FAST packets, aka Bug ID CSCui57636. | 9.3 |
2007-01-09 | CVE-2007-0105 | Remote vulnerability in Cisco Secure Access Control Server Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request. | 7.5 |
2006-12-31 | CVE-2006-4098 | Remote vulnerability in Cisco Secure Access Control Server Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet. | 10.0 |
2006-12-31 | CVE-2006-4097 | Remote vulnerability in Cisco Secure Access Control Server Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. | 7.8 |
2005-05-31 | CVE-2005-0356 | Remote Denial Of Service vulnerability in Multiple Vendor TCP Timestamp PAWS Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote attackers to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard later packets because they appear to be too old. | 5.0 |