CVE-2002-0159 Information
Share on:
Feb 14, 2021
cve
Description
Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows 2.6.x and earlier and 3.x through 3.01 (build 40) allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.
Reference
http://marc.info/?l=bugtraq&m=101787248913611&w=2 http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml http://www.iss.net/security_center/static/8742.php http://www.osvdb.org/2062 http://www.securityfocus.com/bid/4416