Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and previous versions and 3.x up to and including 3.01 (build 40), allows remote malicious users to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco secure access control server 3.0.1 |
||
cisco secure access control server 2.6.4 |
||
cisco secure access control server 3.0 |
||
cisco secure access control server 2.6 |
||
cisco secure access control server 2.6.2 |
||
cisco secure access control server 2.6.3 |