A client of ours identified the following vulnerabilities in the Windows component of their ACS SE 4.2 1113 appliance:
Microsoft Windows Server Service Could Allow Remote Code Execution
Detected through MSRPC Interface
Microsoft SMB Remote Code Execution Vulnerability (MS09-001)
CVE-2008-4834 CVE-2008-4835 CVE-2008-4114
Are these legitimate security concerns or are they not relevant to Cisco's implementation of the Windows component of the ACS appliance?
Or do I have to raise a TAC for further information?