CVE-2007-0105

Published: Jan 9, 2007Modified: Apr 23, 2026

7.5

Vector

AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability: 10.0 / Impact: 6.4

Source: NVD

Description

Stack-based buffer overflow in the CSAdmin service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted HTTP GET request.

Affected (1)

Products: Cisco: Secure Access Control Server

Cisco

1 product

Secure Access Control Server

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cisco Secure Access Control Server	Up to 4.0.1

References (16)

http://secunia.com/advisories/23629

Source: cve@mitre.org

PatchVendor Advisory

http://securitytracker.com/id?1017475

Source: cve@mitre.org

http://www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtml

Source: cve@mitre.org

Vendor Advisory

http://www.kb.cert.org/vuls/id/744249

Source: cve@mitre.org

US Government Resource

http://www.osvdb.org/32642

Source: cve@mitre.org

http://www.securityfocus.com/bid/21900

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0068

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/31323

Source: cve@mitre.org

http://secunia.com/advisories/23629