Title: Cisco Security Advisory: Cisco Secure Access Control Server for
Windows Admin Buffer Overflow Vulnerability
(available to registered users)
(available to non-registered users)
Posted: April 23, 2003
Summary: Cisco Secure ACS for Windows is vulnerable to a buffer overflow
on the administration service which runs on TCP port 2002.
of this vulnerability results in a Denial of Service, and can
potentially result in system administrator access. Cisco is
providing repaired software, and customers are recommended to
install patches or upgrade at their earliest opportunity.
can be implemented, and consist of blocking external access to
port 2002 on the ACS.