|
Cisco Security Agent Buffer Overflow Detection Security Bypass
|
|
Secunia Advisory:
|
SA13178
|
|
|
Release Date:
|
2004-11-12
|
|
Last Update:
|
2004-12-07
|
|
Popularity:
|
6,823 views
|
|
|
Critical:
|
Less critical
|
|
Impact:
|
Security Bypass
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Cisco Okena StormWatch 3.x
Cisco Security Agent (CSA) 3.x
Cisco Security Agent (CSA) 4.x
|
|
|
Secunia CVSS-2 Score:
|
Available in Secunia business solutions 
|
|
|
Subscribe:
|
Instant alerts on relevant vulnerabilities
|
|
| Advisory Content (Page 1 of 3) | [ 1 ] [ 2 ] [ 3 ] | |
|
Description:
A vulnerability has been reported in Cisco Security Agent (CSA), which can be exploited by malicious people to bypass certain security features.
The vulnerability is caused due to an error in the buffer overflow detection functionality used for detecting exploitation of buffer overflow vulnerabilities. This can be exploited to bypass the offered protection by exploiting a buffer overflow vulnerability twice in rapid succession.
The vulnerability has been reported in the following versions:
* Cisco Security Agent 4.x (prior to version 4.0.3 build 728)
* Cisco Security Agent 3.x
* Okena Stormwatch 3.x
* Cisco Security Agent for CallManager (prior to version 4.0.3 build 728)
Change Page:
[ 1 ] [ 2 ] [ 3 ]
|
|
|
Track this Secunia Advisory
|
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.
Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.
|
|
|
About this Secunia Advisory
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
