Back to search
CVE-2006-4097
Published: Jan 8, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
Multiple unspecified vulnerabilities in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allow remote attackers to cause a denial of service (crash) via a crafted RADIUS Access-Request packet. NOTE: it has been reported that at least one issue is a heap-based buffer overflow involving the Tunnel-Password attribute.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
cisco-acs-csadmin-dos(31334)
vdb-entry
x_refsource_XF
23629
third-party-advisory
x_refsource_SECUNIA
21900
vdb-entry
x_refsource_BID
VU#443108
third-party-advisory
x_refsource_CERT-VN
ADV-2007-0068
vdb-entry
x_refsource_VUPEN
1017475
vdb-entry
x_refsource_SECTRACK
36125
vdb-entry
x_refsource_OSVDB
20070105 Multiple Vulnerabilities in Cisco Secure Access Control Server
vendor-advisory
x_refsource_CISCO
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now