CiscoSecure ACS for Windows CSAdmin Login Overflow DoS
High Nessus Plugin ID 11556
SynopsisArbitrary code may be executed on the remote host.
DescriptionThe remote web server crashed when the 'login.exe' CGI received a too login query string. This leads to a denial of service or even execution of arbitrary code. Some versions of Cisco Secure ACS web server are known to be vulnerable to this flaw.
SolutionInstall ACS for Windows versions 3.0.4, 3.1.2, or later