Cisco Secure Access Control Server for Windows Remote Code Execution

Critical Nessus Plugin ID 69926

Synopsis

The remote Windows host has an access control application installed that is affected by a code execution vulnerability.

Description

The version of Cisco Secure Access Control Server for Windows installed on the remote host is 4.x and earlier than 4.2.1.15.11. It is, therefore, potentially affected by a remote code execution vulnerability: because user identities supplied during EAP-FAST authentication are parsed improperly, a remote, unauthenticated attacker could execute arbitrary code on the remote host with the privileges of the user account running the affected application.

Note that this issue only affects Cisco Secure Access Control Server for Windows when configured as a RADIUS server.

Solution

Upgrade to Cisco Secure Access Control Server for Windows 4.2.1.15.11 or later.

See Also

http://www.nessus.org/u?cf1e10c2

Plugin Details

Severity: Critical

ID: 69926

File Name: cisco_secure_acs_for_windows_sa20130828.nasl

Version: 1.5

Type: local

Agent: windows

Family: Windows

Published: 2013/09/17

Updated: 2018/11/15

Dependencies: 69925

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:cisco:secure_access_control_server

Required KB Items: SMB/Cisco Secure ACS for Windows/Path, SMB/Cisco Secure ACS for Windows/Version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2013/08/28

Vulnerability Publication Date: 2013/08/28

Reference Information

CVE: CVE-2013-3466

BID: 62028

CISCO-BUG-ID: CSCui57636

IAVA: 2013-A-0167

CISCO-SA: cisco-sa-20130828-acs