Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cisco secure access control server 4.0.1 vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2006-4098
Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows prior to 4.1 and ACS Solution Engine prior to 4.1 allows remote malicious users to execute arbitrary code via a crafted RADIUS Accounting-Request packet.
Cisco Secure Access Control Server 3.0Cisco Secure Access Control Server 3.1Cisco Secure Access Control Server 3.2.2Cisco Secure Access Control Server 3.3Cisco Secure Access Control Server 3.2\\(1.20\\)Cisco Secure Access Control Server 3.2\\(2\\)Cisco Secure Access Control Server 4.0Cisco Secure Access Control Server 4.0.1Cisco Secure Access Control Server 3.2\\(3\\)Cisco Secure Access Control Server 3.2.1Cisco Secure Access Control Server 3.2Cisco Secure Access Control Server 3.2\\(1\\)Cisco Secure Access Control Server 3.3\\(1\\)Cisco Secure Access Control Server 3.3.1Cisco Secure Access Control Server 3.3.2
7.5
CVSSv2
CVE-2006-3226
Cisco Secure Access Control Server (ACS) 4.x for Windows uses the client's IP address and the server's port number to grant access to an HTTP server port for an administration session, which allows remote malicious users to bypass authentication via various methods, aka...
Cisco Secure Access Control Server 4.0.1Cisco Secure Access Control Server 4.0
10
CVSSv2
CVE-2002-0012
Vulnerabilities in a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candidate will be SPLIT into m...
Snmp Snmp
10
CVSSv2
CVE-2002-0013
Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote malicious users to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest, and (3) SetRequest messages, as demonstrated by the PROTOS c06-SNMPv1 test...
Snmp Snmp
5
CVSSv2
CVE-2015-8139
ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.
Ntp Ntp
5.8
CVSSv2
CVE-2015-8140
The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.
Ntp Ntp
7.5
CVSSv2
CVE-2005-4499
The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote malicious u...
Cisco Vpn 3001 ConcentratorCisco Vpn 3015 ConcentratorCisco Vpn 3020 ConcentratorCisco Vpn 3030 ConcentatorCisco Vpn 3060 ConcentratorCisco Vpn 3080 ConcentratorCisco Adaptive Security Appliance Software 7.0Cisco Adaptive Security Appliance Software 7.0\\(4\\)Cisco Adaptive Security Appliance Software 7.0.1.4Cisco Adaptive Security Appliance Software 7.0.4.3Cisco Vpn 3000 Concentrator Series Software 2.0Cisco Vpn 3000 Concentrator Series Software 2.5.2.aCisco Vpn 3000 Concentrator Series Software 2.5.2.bCisco Vpn 3000 Concentrator Series Software 2.5.2.cCisco Vpn 3000 Concentrator Series Software 2.5.2.dCisco Vpn 3000 Concentrator Series Software 2.5.2.fCisco Vpn 3000 Concentrator Series Software 3.0Cisco Vpn 3000 Concentrator Series Software 3.0.3.aCisco Vpn 3000 Concentrator Series Software 3.0.3.bCisco Vpn 3000 Concentrator Series Software 3.0.4Cisco Vpn 3000 Concentrator Series Software 3.1Cisco Vpn 3000 Concentrator Series Software 3.1\\(rel\\)
5.8
CVSSv2
CVE-2015-7973
NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.
Ntp NtpNtp Ntp 4.2.8Siemens Tim 4r-ie FirmwareSiemens Tim 4r-ie Dnp3 FirmwareFreebsd Freebsd 9.3Freebsd FreebsdFreebsd Freebsd 10.1Freebsd Freebsd 10.2Netapp Clustered Data Ontap -Netapp Oncommand Balance -Canonical Ubuntu Linux 12.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04
2.1
CVSSv2
CVE-2015-7975
The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).
Ntp Ntp 4.3.0Ntp Ntp 4.3.1Ntp Ntp 4.3.16Ntp Ntp 4.3.17Ntp Ntp 4.3.18Ntp Ntp 4.3.24Ntp Ntp 4.3.25Ntp Ntp 4.3.31Ntp Ntp 4.3.32Ntp Ntp 4.3.39Ntp Ntp 4.3.4Ntp Ntp 4.3.40Ntp Ntp 4.3.47Ntp Ntp 4.3.48Ntp Ntp 4.3.54Ntp Ntp 4.3.55Ntp Ntp 4.3.62Ntp Ntp 4.3.63Ntp Ntp 4.3.7Ntp Ntp 4.3.70Ntp Ntp 4.3.77Ntp Ntp 4.3.78
4
CVSSv2
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.
Ntp Ntp 4.1.2Ntp NtpNtp Ntp 4.3.0Ntp Ntp 4.3.1Ntp Ntp 4.3.16Ntp Ntp 4.3.17Ntp Ntp 4.3.24Ntp Ntp 4.3.25Ntp Ntp 4.3.31Ntp Ntp 4.3.32Ntp Ntp 4.3.39Ntp Ntp 4.3.4Ntp Ntp 4.3.47Ntp Ntp 4.3.48Ntp Ntp 4.3.54Ntp Ntp 4.3.55Ntp Ntp 4.3.61Ntp Ntp 4.3.62Ntp Ntp 4.3.63Ntp Ntp 4.3.7Ntp Ntp 4.3.70Ntp Ntp 4.3.77
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook