Summary
It may be possible to make this Cisco Secure ACS web server(login.exe) execute arbitrary code by sending it a too long login url.
Solution
Cisco has already released a patch for this problem
Severity
Classification
-
CVE CVE-2003-0210 -
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
Related Vulnerabilities
- Cisco TelePresence TC and TE Software Multiple Security Vulnerabilities
- Cisco Prime LAN Management Solution Remote Command Execution Vulnerability
- Multiple Cisco Nexus Devices IP Stack Remote Denial of Service Vulnerability
- Cisco VG248 login password is blank
- Multiple Cisco Products Multiple Remote Buffer Overflow Vulnerabilities