Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AAA security bulletin

After seeing the bulletin about the buffer overflow vulnerability in the web admin i have obtained from my supplier the file that i need to upgrade from our current version of acs which is acsv3.0(1.40) to acsv3.0.3 before i can apply the patch in the file that i also have.

I just want to check that the bin file is an upgrade that i can just run by running setup.exe rather than a fresh install as there was no documentation sent with the file other than a pdf in the file that talks only about fresh installs rather than an upgrade.


mark weaver


Re: AAA security bulletin

Hello Mark,

All you need to do is, replace the existing CSAdmin.exe file with the new one. Here is the instrcuctions from the Read Me file:

Installtion Instructions:


1) Manually stop the CSAdmin Service

2) rename the /CSAdmin/CSAdmin.exe file

3) copy the patched CSAdmin.exe to /CSAdmin

4) Manually start the CSAdmin Service

Important - The patch must be installed on version 3.0(3.6) only and not other 3.0 releases.

If patch is installed on other ACS Version than 3.0(3.6), Backup and Restore isn't going to work and will result

in an error : "This backup file is not for this version of CiscoSecure"

To verify which version of CSAdmin is running use the following procedure:

1) net stop CSAdmin

2) cd /CSAdmin

3) run "csadmin -x"

4) net start CSAdmin

This will print out the exact version which should be 3.0(3.6)

Otherwise , a fresh upgrade to ACS3.0 FCS is needed prior to applying the patch

Just in case, if you need to access the Read me file and the .exe file, here is the link for this:

To upgrade to acs 3.0.3, all you need is to run the setup.exe and follow the steps. Please, make sure to upgrade before you apply this patch.

I hope this helps ! Thanks,


New Member

Re: AAA security bulletin

Thanks that is all i need to know.