Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) prior to 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote malicious users to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cisco acs solution engine |
||
cisco user changeable password 4.1 |
||
cisco acs for windows |