Title: Cisco Security Advisory: Cisco Secure Access Control Server for
Windows Admin Buffer Overflow Vulnerability
URL:
http://www.cisco.com/warp/customer/707/cisco-sa-20030423-ACS.shtml
(available to registered users)

http://www.cisco.com/warp/public/707/cisco-sa-20030423-ACS.shtml
(available to non-registered users)
Posted: April 23, 2003

Summary: Cisco Secure ACS for Windows is vulnerable to a buffer overflow
on the administration service which runs on TCP port 2002.
Exploitation
of this vulnerability results in a Denial of Service, and can
potentially result in system administrator access. Cisco is
providing repaired software, and customers are recommended to
install patches or upgrade at their earliest opportunity.
Workarounds
can be implemented, and consist of blocking external access to
port 2002 on the ACS.