Update Protection against Cisco Secure Access Control Server UCP Application CSuserCGI.exe Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2008-131 | |
| Date Published: | ||
| Severity: | ||
| Last Updated: | ||
| Source: | Secunia Advisory: SA29351 | |
| Industry Reference(s): | CVE-2008-0532 | |
| Protection Provided by: |
IPS-1
|
|
| Who is Vulnerable? Cisco Systems UCP Prior to 4.2 | ||
| Vulnerability Description A buffer overflow vulnerability has been discovered in Cisco User-Changeable Password (UCP) application. The Cisco UCP application is used by Cisco Secure Access Control Server (ACS). It allows users to change their ACS passwords with a web-based utility. A remote attacker may exploit this issue to execute arbitrary code on a target system. |
||
|
Update/Patch Available Update to versions 4.2: Cisco |
|
|
Vulnerability Details The vulnerability is due to errors in the Cisco UCP application that fails to sufficiently validate input in the executable file CSuserCGI.exe. A remote attacker may exploit this issue by sending a malicious request to a target server. Successful exploitation of this vulnerability will allow the attacker to execute arbitrary code on a vulnerable system by providing a large argument in the request sent to the server. |
Protection Overview
By enabling this protection, IPS-1 will detect and block malformed requests sent to the server.
In order for the protection to be activated, update your product to the latest SmartDefense update. For information on how to update SmartDefense, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.