CyberSec.Space Logo
Back to CVE Browser

CVE-2006-4098

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1830%
EPSS Percentile34.38th
PublishedDec 31, 2006
Last ModifiedApr 23, 2026

Vulnerability Description

Stack-based buffer overflow in the CSRadius service in Cisco Secure Access Control Server (ACS) for Windows before 4.1 and ACS Solution Engine before 4.1 allows remote attackers to execute arbitrary code via a crafted RADIUS Accounting-Request packet.

Affected Platforms (CPE)

πŸ“¦
Cisco

Secure Access Control Server

= 3.0
πŸ“¦
Cisco

Secure Access Control Server

= 3.1
πŸ“¦
Cisco

Secure Access Control Server

= 3.2
πŸ“¦
Cisco

Secure Access Control Server

= 3.2\(1\)
πŸ“¦
Cisco

Secure Access Control Server

= 3.2\(1.20\)
πŸ“¦
Cisco

Secure Access Control Server

= 3.2\(2\)
πŸ“¦
Cisco

Secure Access Control Server

= 3.2\(3\)
πŸ“¦
Cisco

Secure Access Control Server

= 3.2.1
πŸ“¦
Cisco

Secure Access Control Server

= 3.2.2
πŸ“¦
Cisco

Secure Access Control Server

= 3.3
πŸ“¦
Cisco

Secure Access Control Server

= 3.3\(1\)
πŸ“¦
Cisco

Secure Access Control Server

= 3.3.1
πŸ“¦
Cisco

Secure Access Control Server

= 3.3.2
πŸ“¦
Cisco

Secure Access Control Server

= 4.0
πŸ“¦
Cisco

Secure Access Control Server

= 4.0.1

References & Advisories

πŸ”— http://osvdb.org/36126
πŸ”— http://secunia.com/advisories/23629
πŸ”— http://securitytracker.com/id?1017475
πŸ”— http://www.cisco.com/warp/public/707/cisco-sa-20070105-csacs.shtml
πŸ”— http://www.kb.cert.org/vuls/id/477164
πŸ”— http://www.securityfocus.com/bid/21900
πŸ”— http://www.vupen.com/english/advisories/2007/0068
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/31327

Related Vulnerabilities

CVE-2004-109910.0

Cisco Secure Access Control Server for Windows (ACS Windows) and Cisco Secure Access Control Server Solution Engine (ACS Solution ...

CVE-2008-053210.0

Multiple buffer overflows in securecgi-bin/CSuserCGI.exe in User-Changeable Password (UCP) before 4.2 in Cisco Secure Access Contr...

CVE-2017-234310.0

The Integrated User Firewall (UserFW) feature was introduced in Junos OS version 12.1X47-D10 on the Juniper SRX Series devices to ...

CVE-2016-19089.8

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 serv...