CiscoSecure ACS for Windows NT Oversized TACACS+ Packet DoS Vulnerability

info
discussion
exploit
solution
references

CiscoSecure ACS for Windows NT Oversized TACACS+ Packet DoS Vulnerability

If a remote attacker is capable of sniffing or injecting traffic in between a server running CiscoSecure ACS for Windows NT and a TACACS+ client, CiscoSecure ACS for Windows NT can be made to crash if an oversized TACACS+ packet is sent to it.