Details of VAR-200305-0056

ID

VAR-200305-0056

CVE

CVE-2003-0210

TITLE

Cisco Secure ACS for Windows CSAdmin vulnerable to buffer overflow via login requests

Trust: 0.8

sources: CERT/CC: VU#697049

DESCRIPTION

Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. It has been reported that some versions of the Cisco Secure ACS software do not properly handle input supplied during authentication. Because of this, it may be possible for a remote attacker to gain unauthorized access to a host using the vulnerable software. The management service of Cisco Secure ACS listens on TCP port 2002 and provides WEB-based management. When CSAdmin processes the login request, there is a buffer overflow. If an overlong user parameter is sent to the service program, the service can be suspended, and it needs to be restarted to obtain normal service. It may execute arbitrary commands with system privileges. The BUG ID of this vulnerability is: CSCea51366

Trust: 1.98

sources: NVD: CVE-2003-0210 // CERT/CC: VU#697049 // BID: 7413 // VULHUB: VHN-7039

AFFECTED PRODUCTS

vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.6.4	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	3.0.1	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.6.3	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.1	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	3.0	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.4	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.6	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.6.2	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.3	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	2.5	Trust: 1.6
vendor:	cisco	model:	secure access control server	scope:	eq	version:	3.0.3	Trust: 1.0
vendor:	cisco	model:	secure access control server	scope:	eq	version:	3.1.1	Trust: 1.0
vendor:	cisco	model:	-	scope:	-	version:	-	Trust: 0.8
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	3.1.1	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	3.0.3	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	3.0.1	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.6.4	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.6.3	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.6.2	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.6	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.5	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.4	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.3	Trust: 0.3
vendor:	cisco	model:	secure acs for windows nt	scope:	eq	version:	2.1	Trust: 0.3

sources: CERT/CC: VU#697049 // BID: 7413 // CNNVD: CNNVD-200305-032 // NVD: CVE-2003-0210

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2003-0210
value:	HIGH
Trust: 1.0
CARNEGIE MELLON:	VU#697049
value:	6.24
Trust: 0.8
CNNVD:	CNNVD-200305-032
value:	HIGH
Trust: 0.6
VULHUB:	VHN-7039
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2003-0210
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-7039
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: CERT/CC: VU#697049 // VULHUB: VHN-7039 // CNNVD: CNNVD-200305-032 // NVD: CVE-2003-0210

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2003-0210

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200305-032

TYPE

Boundary Condition Error

Trust: 0.9

sources: BID: 7413 // CNNVD: CNNVD-200305-032

EXTERNAL IDS

db:	CERT/CC	id:	VU#697049	Trust: 2.5
db:	NVD	id:	CVE-2003-0210	Trust: 2.0
db:	BID	id:	7413	Trust: 1.2
db:	CNNVD	id:	CNNVD-200305-032	Trust: 0.7
db:	CISCO	id:	20030423 CISCO SECURE ACCESS CONTROL SERVER FOR WINDOWS ADMIN BUFFER OVERFLOW VULNERABILITY	Trust: 0.6
db:	BUGTRAQ	id:	20030424 NSFOCUS SA2003-04 : REMOTE BUFFER OVERFLOW VULNERABILITY IN WEB MANAGEMENT INTERFACE OF CISCO SECURE ACS	Trust: 0.6
db:	NTBUGTRAQ	id:	20030424 NSFOCUS SA2003-04 : REMOTE BUFFER OVERFLOW VULNERABILITY IN WEB MANAGEMENT INTERFACE OF CISCO SECURE ACS	Trust: 0.6
db:	VULHUB	id:	VHN-7039	Trust: 0.1

sources: CERT/CC: VU#697049 // VULHUB: VHN-7039 // BID: 7413 // CNNVD: CNNVD-200305-032 // NVD: CVE-2003-0210

REFERENCES

url:	http://www.cisco.com/warp/public/707/cisco-sa-20030423-acs.shtml	Trust: 2.5
url:	http://www.kb.cert.org/vuls/id/697049	Trust: 1.7
url:	http://marc.info/?l=bugtraq&m=105120066126196&w=2	Trust: 1.0
url:	http://marc.info/?l=ntbugtraq&m=105118056332344&w=2	Trust: 1.0
url:	http://www.cisco.com/warp/public/cc/pd/sqsw/sq/	Trust: 0.8
url:	http://www.cisco.com/application/pdf/en/us/guest/products/ps407/c1629/ccmigration_09186a00801085d0.pdf	Trust: 0.8
url:	http://www.securityfocus.com/bid/7413	Trust: 0.8
url:	http://www.securityfocus.com/archive/1/319576	Trust: 0.8
url:	http://www.nsfocus.com/english/homepage/sa2003-04.htm	Trust: 0.8
url:	http://www.ietf.org/html.charters/aaa-charter.html	Trust: 0.8
url:	http://www.cisco.com/warp/public/707/advisory.html	Trust: 0.8
url:	http://marc.theaimsgroup.com/?l=bugtraq&m=105120066126196&w=2	Trust: 0.6
url:	http://marc.theaimsgroup.com/?l=ntbugtraq&m=105118056332344&w=2	Trust: 0.6
url:	/archive/1/319483	Trust: 0.3
url:	/archive/1/319576	Trust: 0.3
url:	http://marc.info/?l=bugtraq&m=105120066126196&w=2	Trust: 0.1
url:	http://marc.info/?l=ntbugtraq&m=105118056332344&w=2	Trust: 0.1

sources: CERT/CC: VU#697049 // VULHUB: VHN-7039 // BID: 7413 // CNNVD: CNNVD-200305-032 // NVD: CVE-2003-0210

CREDITS

Cisco Security bulletin

Trust: 0.6

sources: CNNVD: CNNVD-200305-032

SOURCES

db:	CERT/CC	id:	VU#697049
db:	VULHUB	id:	VHN-7039
db:	BID	id:	7413
db:	CNNVD	id:	CNNVD-200305-032
db:	NVD	id:	CVE-2003-0210

LAST UPDATE DATE

2024-08-14T15:31:14.234000+00:00

SOURCES UPDATE DATE

db:	CERT/CC	id:	VU#697049	date:	2003-06-05T00:00:00
db:	VULHUB	id:	VHN-7039	date:	2016-10-18T00:00:00
db:	BID	id:	7413	date:	2009-07-11T21:07:00
db:	CNNVD	id:	CNNVD-200305-032	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2003-0210	date:	2016-10-18T02:30:42.893

SOURCES RELEASE DATE

db:	CERT/CC	id:	VU#697049	date:	2003-06-05T00:00:00
db:	VULHUB	id:	VHN-7039	date:	2003-05-12T00:00:00
db:	BID	id:	7413	date:	2003-04-23T00:00:00
db:	CNNVD	id:	CNNVD-200305-032	date:	2003-04-23T00:00:00
db:	NVD	id:	CVE-2003-0210	date:	2003-05-12T04:00:00