07-27-2012 07:14 AM - edited 03-10-2019 07:21 PM
Hi,
A client of ours identified the following vulnerabilities in the Windows component of their ACS SE 4.2 1113 appliance:
Microsoft Windows Server Service Could Allow Remote Code Execution
(MS08-067)
CVE-2008-4250
QID:
90464
Category:
Windows
CVE ID:
CVE-2008-4250
Vendor Reference
MS08-067
Bugtraq ID:
31874
Detected through MSRPC Interface
Microsoft SMB Remote Code Execution Vulnerability (MS09-001)
QID:
90477
Category:
Windows
CVE ID:
CVE-2008-4834 CVE-2008-4835 CVE-2008-4114
Vendor Reference
MS09-001
Bugtraq ID:
-
Are these legitimate security concerns or are they not relevant to Cisco's implementation of the Windows component of the ACS appliance?
Or do I have to raise a TAC for further information?
07-30-2012 09:09 PM
Hi it would be best to raise a tac case for this, I know that the acs solution engine comes with a built in CSA agent which is basically like a firewall and allows radius and tacacs communication through so I dont think it is succeptable to most of the windows flaws. With that said some of the patches do contain certian windows fixes but TAC will have to point you in the right direction as to what those fixes are.
Thanks,
Tarik Admani
*Please rate helpful posts*
07-31-2012 05:00 AM
I would agree with Tarik that Cisco TAC is the best party that you can contct.
But you can always make sure you are on the latest patch before contacting them.
I would say that if this problem is reported by a security audit then we are sure this vulnerability is exist with the ACS.
If you are copying this from somewhere then it is still probable if it is hitting the box.
HTH
Amjad
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide