|
|
Cisco Secure ACS EAP-Response Packet Parsing Denial of Service Vulnerability
|
Bugtraq ID:
|
30997
|
|
Class:
|
Failure to Handle Exceptional Conditions
|
|
CVE:
|
CVE-2008-2441
|
|
Remote:
|
Yes
|
|
Local:
|
No
|
|
Published:
|
Sep 03 2008 12:00AM
|
|
Updated:
|
Sep 03 2008 07:45PM
|
|
Credit:
|
Gabriel Campana and Laurent Butti from France Telecom / Orange
|
|
Vulnerable:
|
Cisco Virtual Central Office 4000 (VCO/4K) 4.1(1) build 23
Cisco Secure ACS for Windows 4.1
Cisco Secure Access Control Server 4.1
Cisco Secure Access Control Server 4.0.1
Cisco Secure Access Control Server 3.3.2
Cisco Secure Access Control Server 3.3.1
Cisco Secure Access Control Server 3.3 (1)
Cisco Secure Access Control Server 3.3
Cisco Secure Access Control Server 3.2.2
Cisco Secure Access Control Server 3.2.1
Cisco Secure Access Control Server 3.2 (3)
Cisco Secure Access Control Server 3.2 (2)
Cisco Secure Access Control Server 3.2 (1.20)
Cisco Secure Access Control Server 3.2 (1)
Cisco Secure Access Control Server 4.0
Cisco CiscoSecure ACS for Windows 3.2
Cisco CiscoSecure ACS for Windows 3.1
|
|
|
|
Not Vulnerable:
|
Cisco Secure ACS for Windows 4.2(0) Build 124 pat
Cisco Secure ACS for Windows 4.1(4) Build 13 patc
Cisco Secure ACS for Windows 3.3(4) Build 12 patc
|
|
|
