Multiple Vulnerabilities in Cisco Secure Access Control Server for Windows

Reported April 4, 2002, by Cisco Systems.


·         Cisco Systems Secure Access Control Server for Windows



Two vulnerabilities exist in Cisco Systems’ Secure Access Control Server for Windows. The first vulnerability can lead to arbitrary code execution on the server, and the second problem can lead to information disclosure. With the first vulnerability, an attacker can connect to port 2002 and send a specially crafted URL to kill the CSADMIN module or execute arbitrary user-supplied code. The second vulnerability can let an attacker use "..\.." in the URL to access data in any directory outside the Web root directory (but only on the same hard disk or disk partition) by accessing only the following file types:

·         Html

·         Htm

·         Class

·         Jpg

·         Jpeg

·         Gif


An attacker must also know the exact location and filename to access the data—the attacker can't browse a directory this way.




Cisco Systems has issued a notice about this vulnerability and recommends that affected users obtain an upgrade of the software using normal support channels.


Discovered by Cisco Systems.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.