ACS SE 4.2 underlying windows vulnerbilites

Unanswered Question
Jul 27th, 2012
User Badges:

Hi,


A client of ours identified the following vulnerabilities in the Windows component of their ACS SE 4.2 1113 appliance:


Microsoft Windows Server Service Could Allow Remote Code Execution

(MS08-067)

CVE-2008-4250


QID:

90464

Category:

Windows

CVE ID:

CVE-2008-4250

Vendor Reference

MS08-067

Bugtraq ID:

31874

Detected through MSRPC Interface


Microsoft SMB Remote Code Execution Vulnerability (MS09-001)




QID:

90477

Category:

Windows

CVE ID:

CVE-2008-4834 CVE-2008-4835 CVE-2008-4114

Vendor Reference

MS09-001

Bugtraq ID:

-


Are these legitimate security concerns or are they not relevant to Cisco's implementation of the Windows component of the ACS appliance?

Or do I have to raise a TAC for further information?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Tarik Admani Mon, 07/30/2012 - 21:09
User Badges:
  • Green, 3000 points or more

Hi it would be best to raise a tac case for this, I know that the acs solution engine comes with a built in CSA agent which is basically like a firewall and allows radius and tacacs communication through so I dont think it is succeptable to most of the windows flaws. With that said some of the patches do contain certian windows fixes but TAC will have to point you in the right direction as to what those fixes are.


Thanks,



Tarik Admani
*Please rate helpful posts*

Amjad Abdullah Tue, 07/31/2012 - 05:00
User Badges:
  • Red, 2250 points or more

I would agree with Tarik that Cisco TAC is the best party that you can contct.

But you can always make sure you are on the latest patch before contacting them.

I would say that if this problem is reported by a security audit then we are sure this vulnerability is exist with the ACS.

If you are copying this from somewhere then it is still probable if it is hitting the box.


HTH


Amjad

Actions

This Discussion

Related Content