CVE-2006-4098 Information

Description

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet.

Reference

http://osvdb.org/36126 http://secunia.com/advisories/23629 http://securitytracker.com/id?1017475 http://www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtml http://www.kb.cert.org/vuls/id/477164 http://www.securityfocus.com/bid/21900 http://www.vupen.com/english/advisories/2007/0068 https://exchange.xforce.ibmcloud.com/vulnerabilities/31327