CVE-2002-0159

Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.

Severity	HIGH
CVSS	7.5
CWE	CWE-134
KEV
Published	24 years ago
Modified	1 month ago

Related Products

Product	Advisory	Evidence
Cisco Secure Access Control Server (ACS) for Windows 2000/ NT	cisco-sa-20020403-acs-win-web	Cisco OpenVuln
Cisco Secure Access Control Server (ACS) for Windows	cisco-sa-20020403-acs-win-web	Cisco OpenVuln