Cisco Secure Access Control Server for Windows Remote Code Execution

Severity: High | Nessus Plugin ID 69926

Synopsis

The remote Windows host has an access control application installed that is affected by a code execution vulnerability.

Description

The version of Cisco Secure Access Control Server for Windows installed on the remote host is a 4.x release earlier than 4.2.1.15.11. It is, therefore, potentially affected by a remote code execution vulnerability. Due to improper parsing of the user identity supplied during EAP-FAST authentication, a remote, unauthenticated attacker could execute arbitrary code on the remote host with the privileges of the user account running the affected application.

Note that this issue only affects Cisco Secure Access Control Server for Windows when it is configured to operate as a RADIUS server.

Solution

Upgrade to Cisco Secure Access Control Server for Windows 4.2.1.15.11 or later.

See Also

http://www.nessus.org/u?cf1e10c2

Plugin Details

Severity: High

ID: 69926

File Name: cisco_secure_acs_for_windows_sa20130828.nasl

Version: 1.6

Type: local

Agent: windows

Family: Windows

Published: 9/17/2013

Updated: 11/27/2019

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-3466

Vulnerability Information

CPE: cpe:/a:cisco:secure_access_control_server

Required KB Items: SMB/Cisco Secure ACS for Windows/Path, SMB/Cisco Secure ACS for Windows/Version

Exploit Ease: No known exploits are available

Patch Publication Date: 8/28/2013

Vulnerability Publication Date: 8/28/2013

Reference Information

CVE: CVE-2013-3466

BID: 62028

CISCO-SA: cisco-sa-20130828-acs

IAVA: 2013-A-0167

CISCO-BUG-ID: CSCui57636