Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco secure access control server 4.0 vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2006-4098
Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allows remote malicious users to execute arbitrary code via a crafted RADIUS Accounting-Request packet.
Cisco Secure Access Control Server 3.0Cisco Secure Access Control Server 3.1Cisco Secure Access Control Server 3.2.2Cisco Secure Access Control Server 3.3Cisco Secure Access Control Server 3.2\\(1.20\\)Cisco Secure Access Control Server 3.2\\(2\\)Cisco Secure Access Control Server 4.0Cisco Secure Access Control Server 4.0.1Cisco Secure Access Control Server 3.2\\(3\\)Cisco Secure Access Control Server 3.2.1Cisco Secure Access Control Server 3.2Cisco Secure Access Control Server 3.2\\(1\\)Cisco Secure Access Control Server 3.3\\(1\\)Cisco Secure Access Control Server 3.3.1Cisco Secure Access Control Server 3.3.2
7.5
CVSSv2
CVE-2006-3226
Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote malicious users to bypass authentication via various methods, aka...
Cisco Secure Access Control Server 4.0.1Cisco Secure Access Control Server 4.0
7.5
CVSSv2
CVE-2008-2441
Cisco Secure ACS 3.x prior to 3.3(4) Build 12 patch 7, 4.0.x, 4.1.x prior to 4.1(4) Build 13 Patch 11, and 4.2.x prior to 4.2(0) Build 124 Patch 4 does not properly handle an EAP Response packet in which the value of the length field exceeds the actual packet length, which allows...
Cisco Secure Access Control ServerCisco Secure Acs
5
CVSSv2
CVE-2005-0356
Multiple TCP implementations with Protection Against Wrapped Sequence Numbers (PAWS) with the timestamps option enabled allow remote malicious users to cause a denial of service (connection loss) via a spoofed packet with a large timer value, which causes the host to discard late...
Cisco Interactive Voice ResponseCisco Ip Contact Center EnterpriseCisco Personal Assistant 1.4\\(2\\)Cisco Emergency Responder 1.1Cisco Intelligent Contact Manager 5.0Cisco Personal Assistant 1.3\\(3\\)Cisco Personal Assistant 1.3\\(4\\)Cisco Personal Assistant 1.4\\(1\\)Cisco Secure Access Control Server 2.3Cisco Secure Access Control Server 2.6Cisco Secure Access Control Server 3.0Cisco Secure Access Control Server 3.2\\(1.20\\)Cisco Secure Access Control Server 3.2\\(2\\)Cisco Agent DesktopCisco E-mail ManagerCisco Personal Assistant 1.3\\(1\\)Cisco Personal Assistant 1.3\\(2\\)Cisco Secure Access Control Server 2.3.5.1Cisco Secure Access Control Server 2.3.6.1Cisco Secure Access Control Server 2.6.3Cisco Secure Access Control Server 2.6.4Cisco Secure Access Control Server 3.1.1
7.5
CVSSv2
CVE-2002-0724
Buffer overflow in SMB (Server Message Block) protocol in Microsoft Windows NT, Windows 2000, and Windows XP allows malicious users to cause a denial of service (crash) via a SMB_COM_TRANSACTION packet with a request for the (1) NetShareEnum, (2) NetServerEnum2, or (3) NetServerE...
Microsoft Windows 2000Microsoft Windows Nt 4.0Microsoft Windows Xp
3.5
CVSSv2
CVE-2007-1467
Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator...
Cisco Unified Meetingplace ExpressCisco Unified Personal CommunicatorCisco Vpn Client 3.5.2Cisco Vpn Client 3.6.1Cisco Vpn Client 4.0.2cCisco Vpn Client 4.8.1Cisco Acs Solution Engine 4.1Cisco CiscoworksCisco Unified Video AdvantageCisco Unified VideoconferencingCisco Vpn Client 3.5.2bCisco Vpn Client 3.6Cisco Wan ManagerCisco Wireless Lan ControllersCisco Security Device ManagerCisco Unified MeetingplaceCisco Vpn Client 3.5.1Cisco Vpn Client 3.5.4Cisco Vpn Client 4.0.2aCisco Network Analysis ModuleCisco Wireless Control System 4.0Cisco Ip Communicator
7.5
CVSSv2
CVE-2015-6420
Serialized-object interfaces in certain Cisco Collaboration and Social Media; Endpoint Clients and Client Software; Network Application, Service, and Acceleration; Network and Content Security Devices; Network Management and Provisioning; Routing and Switching - Enterprise and Se...
Apache Commons CollectionsApache Commons Collections 4.0
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0Apache Http ServerOpenssl OpensslGnu GnutlsMozilla NssDebian Debian Linux 5.0Canonical Ubuntu Linux 10.10Fedoraproject Fedora 11Fedoraproject Fedora 13Debian Debian Linux 4.0Debian Debian Linux 8.0Debian Debian Linux 7.0Canonical Ubuntu Linux 9.04Debian Debian Linux 6.0Fedoraproject Fedora 12Canonical Ubuntu Linux 8.04Canonical Ubuntu Linux 10.04Canonical Ubuntu Linux 8.10Canonical Ubuntu Linux 9.10Fedoraproject Fedora 14F5 Nginx
10
CVSSv2
CVE-2002-0012
Vulnerabilities in a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into m...
Snmp Snmp
10
CVSSv2
CVE-2002-0013
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test...
Snmp Snmp
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook