This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.
The remote Windows host has an access control application installed
that is affected by a code execution vulnerability.
The version of Cisco Secure Access Control Server for Windows 4.x is
earlier than 184.108.40.206.11. It is, therefore, potentially affected by a
remote code execution vulnerability. Due to improper parsing of user
identities used for EAP-FAST authentication, a remote, unauthenticated
attacker could execute arbitrary code on the remote host subject to the
privileges of the user running the affected application.
Note that this issue only affects Cisco Secure Access Control Server for
Windows when configured as a RADIUS server.
See also :
Upgrade to Cisco Secure Access Control Server for Windows 220.127.116.11.11
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 8.3
Public Exploit Available : true