Executive Summary
Summary | |
---|---|
Title | Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities |
Information | | | |
---|---|---|---|
Name | cisco-sa-20080312-ucp | First vendor Publication | 2008-01-14 |
Vendor | Cisco | Last vendor Modification | 2008-03-12 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
CVSS vector : N/A | | | |
---|---|---|---|
Overall CVSS Score | NA | | |
Base Score | NA | Environmental Score | NA |
Impact Sub Score | NA | Temporal Score | NA |
Exploitability Sub Score | NA | | |
Security-Database Scoring CVSS v2
CVSS vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | | | |
---|---|---|---|
CVSS Base Score | 10 | Attack Range | Network |
CVSS Impact Score | 10 | Attack Complexity | Low |
CVSS Exploit Score | 10 | Authentication | None Required |
Detail
Two sets of vulnerabilities were discovered in the Cisco Secure Access Control Server (ACS) for Windows User-Changeable Password (UCP) application and reported to Cisco by Felix 'FX' Lindner of Recurity Labs GmbH. The first set covers several buffer overflow conditions in the UCP application that could allow remote execution of arbitrary code on the host system where UCP is installed. The second set covers cross-site scripting in the UCP application pages. Both sets can be exploited remotely and require no valid user credentials. Cisco has released a free software update for UCP that addresses these vulnerabilities. There are no workarounds that mitigate them.
Original Source
Url : http://www.cisco.com/en/US/products/products_security_advisory09186a008095 (...)
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
50 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
50 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 1 | |
Application | 1 | |
SAINT Exploits
Description | Link |
---|---|
Cisco Secure ACS UCP CSuserCGI.exe buffer overflow | More info here |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42962 | Cisco Secure Access Control Server (ACS) CSUserCGI.exe Help Facility XSS |
42961 | Cisco Secure Access Control Server (ACS) CSuserCGI.exe Multiple Remote Overflows |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2008-03-25 | IAVM : 2008-B-0025 - Cisco Secure Access Control Server for Windows User-Changeable Password Vulne... Severity : Category I - VMSKEY : V0015781 |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Cisco Secure Access Control Server UCP Application CSuserCGI.exe buffer overf... RuleID : 13656 - Revision : 12 - Type : SERVER-WEBAPP |
Alert History
Date | Information |
---|---|
2014-01-19 21:20:31 | |
2013-11-11 12:37:26 | |