TITLE:
Cisco Secure ACS EAP Packet Denial of Service

SECUNIA ADVISORY ID:
SA31731

VERIFY ADVISORY:
http://secunia.com/advisories/31731/

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From local network

OPERATING SYSTEM:
Cisco Secure ACS Solution Engine 3.x
http://secunia.com/product/4206/
Cisco Secure ACS Solution Engine 4.x
http://secunia.com/product/13658/

SOFTWARE:
Cisco Secure ACS 3.x
http://secunia.com/product/679/
Cisco Secure ACS 4.x
http://secunia.com/product/10635/

DESCRIPTION:
A vulnerability has been reported in Cisco Secure Access Control
Server (ACS), which can be exploited by malicious people to cause a
DoS (Denial of Service).

The vulnerability is caused by an input validation error in Cisco
Secure ACS, which can be exploited to crash the "CSRadius" and
"CSAuth" processes by sending a specially crafted EAP packet
containing an overly large "length" value.

Successful exploitation may require knowledge of the RADIUS shared
secret.

SOLUTION:
Apply patches. Please see the vendor advisory for details.

PROVIDED AND/OR DISCOVERED BY:
Gabriel Campana and Laurent Butti, France Telecom / Orange

ORIGINAL ADVISORY:
Cisco:
http://www.cisco.com/warp/public/707/cisco-sr-20080903-csacs.shtml

Gabriel Campana and Laurent Butti:
http://archives.neohapsis.com/archives/bugtraq/2008-09/0033.html
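
ADDED EXAMPLE:
The kind of input validation the DESCRIPTION says was missing, shown as an added example that is not part of the Secunia advisory and is not Cisco's code. It assumes the EAP header layout from RFC 3748 (Code, Identifier, 16-bit Length); the names eap_validate and enum eap_check are hypothetical, and the sample messages are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EAP_HDR_LEN 4u /* Code(1) + Identifier(1) + Length(2), per RFC 3748 */

/* Hypothetical result codes for this example. */
enum eap_check { EAP_OK, EAP_TRUNCATED, EAP_BAD_LENGTH, EAP_LENGTH_EXCEEDS_DATA };

/* Validate the EAP Length field against the bytes actually received.
 * buf/avail: reassembled EAP message and its real size.
 * On EAP_OK, *payload_len is the byte count after the 4-byte header. */
enum eap_check eap_validate(const uint8_t *buf, size_t avail, size_t *payload_len)
{
    if (buf == NULL || payload_len == NULL || avail < EAP_HDR_LEN)
        return EAP_TRUNCATED;

    uint8_t code = buf[0];
    size_t declared = ((size_t)buf[2] << 8) | buf[3]; /* network byte order */

    if (declared < EAP_HDR_LEN)
        return EAP_BAD_LENGTH;
    /* Request (1) and Response (2) also carry a Type octet. */
    if ((code == 1 || code == 2) && declared < EAP_HDR_LEN + 1)
        return EAP_BAD_LENGTH;
    /* The case in the advisory: Length claims more data than arrived. */
    if (declared > avail)
        return EAP_LENGTH_EXCEEDS_DATA;

    *payload_len = declared - EAP_HDR_LEN; /* bytes past Length are padding */
    return EAP_OK;
}

/* Constructed sample messages (not captured traffic). */
static const uint8_t sample_ok[]        = {0x02, 0x01, 0x00, 0x06, 0x01, 'a'};
static const uint8_t sample_oversized[] = {0x02, 0x01, 0xff, 0xff, 0x01, 'a'};
static const uint8_t sample_short[]     = {0x02, 0x01, 0x00, 0x02, 0x01, 'a'};

int main(void)
{
    size_t n = 0;
    printf("ok:        %d\n", eap_validate(sample_ok, sizeof sample_ok, &n));
    printf("oversized: %d\n", eap_validate(sample_oversized, sizeof sample_oversized, &n));
    printf("short:     %d\n", eap_validate(sample_short, sizeof sample_short, &n));
    return 0;
}
```

A parser that rejects the message at this point never uses the declared Length to size a copy or a read, which is the step where an unchecked value causes trouble.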