Vulnerability Description
Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Secure Access Control Server | <= 4.0.1 |
References
- http://secunia.com/advisories/23629PatchVendor Advisory
- http://securitytracker.com/id?1017475
- http://www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtmlVendor Advisory
- http://www.kb.cert.org/vuls/id/744249US Government Resource
- http://www.osvdb.org/32642
- http://www.securityfocus.com/bid/21900
- http://www.vupen.com/english/advisories/2007/0068
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31323
- http://secunia.com/advisories/23629PatchVendor Advisory
- http://securitytracker.com/id?1017475
- http://www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtmlVendor Advisory
- http://www.kb.cert.org/vuls/id/744249US Government Resource
- http://www.osvdb.org/32642
- http://www.securityfocus.com/bid/21900
- http://www.vupen.com/english/advisories/2007/0068
FAQ
What is CVE-2007-0105?
CVE-2007-0105 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary co...
How severe is CVE-2007-0105?
CVE-2007-0105 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0105?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Secure Access Control Server.