QwikSec

Security Database

CVE

CWE

Training

CVE-2008-0532

Published: Mar 14, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote attackers to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

http://www.recurity-labs.com/content/pub/RecurityLabs_Cisco_ACS_UCP_advisory.txt

x_refsource_MISC

20080312 Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities

vendor-advisory

x_refsource_CISCO

20080312 Cisco ACS UCP Remote Pre-Authentication Buffer Overflows

mailing-list

x_refsource_BUGTRAQ

vdb-entry

x_refsource_BID

vdb-entry

x_refsource_VUPEN

third-party-advisory

x_refsource_SREASON

cisco-acs-ucp-csusercgi-bo(41154)

vdb-entry

x_refsource_XF

vdb-entry

x_refsource_SECTRACK

third-party-advisory

x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.