Published: 14/03/2008 Updated: 15/10/2018

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) prior to 4.2 in Cisco Secure Access Control Server (ACS) for Windows and ACS Solution Engine allow remote malicious users to execute arbitrary code via a long argument located immediately after the Logout argument, and possibly unspecified other vectors.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco acs solution engine
cisco user changeable password 4.1
cisco acs for windows

source: wwwsecurityfocuscom/bid/28222/info Cisco User-Changeable Password (UCP) is prone to multiple remote vulnerabilities, including cross-site scripting and buffer-overflow vulnerabilities Exploiting the cross-site scripting issues may help the attacker steal cookie-based authentication credentials and launch other attacks Exploitin ...

The Cisco Secure Access Control Server (ACS) for Windows User-Changeable Password (UCP) application suffers from buffer overflow and cross site scripting vulnerabilities Details provided ...

CWE-119 http://www.recurity-labs.com/content/pub/RecurityLabs_Cisco_ACS_UCP_advisory.txt http://www.cisco.com/en/US/products/products_security_advisory09186a008095f0c4.shtml http://www.securityfocus.com/bid/28222 http://securitytracker.com/id?1019608 http://secunia.com/advisories/29351 http://securityreason.com/securityalert/3743 http://www.vupen.com/english/advisories/2008/0868 https://exchange.xforce.ibmcloud.com/vulnerabilities/41154 http://www.securityfocus.com/archive/1/489463/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/31394/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-0532

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect