ByteOS Network

NVD Vulnerability Details :

CVE-2002-0159

Deferred

Source-cve@mitre.org

Published At-22 Apr, 2002 | 04:00

Updated At-03 Apr, 2025 | 01:03

Format string vulnerability in the administration function in Cisco Secure Access Control Server (ACS) for Windows, 2.6.x and earlier and 3.x through 3.01 (build 40), allows remote attackers to crash the CSADMIN module only (denial of service of administration function) or execute arbitrary code via format strings in the URL to port 2002.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Primary	2.0	7.5	HIGH	AV:N/AC:L/Au:N/C:P/I:P/A:P

Type: Primary

Version: 2.0

Base score: 7.5

Base severity: HIGH

Vector:

AV:N/AC:L/Au:N/C:P/I:P/A:P

CPE Matches

Weaknesses

CWE ID	Type	Source
CWE-134	Primary	nvd@nist.gov

CWE ID: CWE-134

Type: Primary

Source: nvd@nist.gov

References

Hyperlink	Source	Resource
http://marc.info/?l=bugtraq&m=101787248913611&w=2	cve@mitre.org	N/A
http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml	cve@mitre.org	Patch Vendor Advisory
http://www.iss.net/security_center/static/8742.php	cve@mitre.org	N/A
http://www.osvdb.org/2062	cve@mitre.org	N/A
http://www.securityfocus.com/bid/4416	cve@mitre.org	N/A
http://marc.info/?l=bugtraq&m=101787248913611&w=2	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.cisco.com/warp/public/707/ACS-Win-Web.shtml	af854a3a-2127-422b-91ae-364da2661108	Patch Vendor Advisory
http://www.iss.net/security_center/static/8742.php	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.osvdb.org/2062	af854a3a-2127-422b-91ae-364da2661108	N/A
http://www.securityfocus.com/bid/4416	af854a3a-2127-422b-91ae-364da2661108	N/A