This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch.
The version of Cisco Secure Access Control System (ACS) running on the
remote host has a memory corruption vulnerability. The length of
EAP-Response packets is not properly parsed. Remote code execution
could be possible, but has not been confirmed. A remote,
unauthenticated attacker could exploit this to execute arbitrary code.
See also :
Upgrade to the relevant Cisco Secure Access Control System version
referenced in Cisco Security Response cisco-sr-20080903-csacs.
Risk factor :
High / CVSS Base Score : 7.5
CVSS Temporal Score : 6.2
Public Exploit Available : true