CVE-2004-1459
https://notcve.org/view.php?id=CVE-2004-1459
Cisco Secure Access Control Server (ACS) 3.2, when configured as a Light Extensible Authentication Protocol (LEAP) RADIUS proxy, allows remote attackers to cause a denial of service (device crash) via certain LEAP authentication requests. • http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17116 •
CVE-2004-1458
https://notcve.org/view.php?id=CVE-2004-1458
The CSAdmin web administration interface for Cisco Secure Access Control Server (ACS) 3.2(2) build 15 allows remote attackers to cause a denial of service (hang) via a flood of TCP connections to port 2002. • http://osvdb.org/9182 http://secunia.com/advisories/12386 http://www.ciac.org/ciac/bulletins/o-203.shtml http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17114 •
CVE-2004-1461
https://notcve.org/view.php?id=CVE-2004-1461
Cisco Secure Access Control Server (ACS) 3.2(3) and earlier spawns a separate unauthenticated TCP connection on a random port when a user authenticates to the ACS GUI, which allows remote attackers to bypass authentication by connecting to that port from the same IP address. • http://www.cisco.com/warp/public/707/cisco-sa-20040825-acs.shtml http://www.securityfocus.com/bid/11047 https://exchange.xforce.ibmcloud.com/vulnerabilities/17118 •
CVE-2003-0210
https://notcve.org/view.php?id=CVE-2003-0210
Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. Desbordamiento de búfer en el servicio de administración (CSAdmin) de Cisco Secure ACS anteriores a 3.1.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante un parámetro de usuario largo al puerto 2002. • http://marc.info/?l=bugtraq&m=105120066126196&w=2 http://marc.info/?l=ntbugtraq&m=105118056332344&w=2 http://www.cisco.com/warp/public/707/cisco-sa-20030423-ACS.shtml http://www.kb.cert.org/vuls/id/697049 •
CVE-2002-0938 – Cisco Secure ACS for Windows NT 3.0 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2002-0938
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe. • https://www.exploit-db.com/exploits/21555 http://archives.neohapsis.com/archives/bugtraq/2002-06/0156.html http://online.securityfocus.com/archive/1/278222 http://www.iss.net/security_center/static/9353.php http://www.securityfocus.com/bid/5026 •