Description
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.
Affected products
- Cisco / security_agent2.1 – 2.1
- Cisco / security_agent3 – 3
- Cisco / security_agent4.0 – 4.0
- Cisco / security_agent4.0.1 – 4.0.1
- Cisco / security_agent4.0.2 – 4.0.2
- Cisco / security_agent4.0.3 – 4.0.3
- Cisco / security_agent4.0.3.728 – 4.0.3.728
- Cisco / security_agent4.5 – 4.5
- Cisco / security_agent4.5.1 – 4.5.1
- Cisco / security_agent4.5.1.639 – 4.5.1.639
- Cisco / security_agent4.5.1.657 – 4.5.1.657
- Cisco / security_agent4.5.1.659 – 4.5.1.659
- Cisco / security_agent5.0 – 5.0
- Cisco / security_agent5.0.0.201 – 5.0.0.201
- Cisco / security_agent5.0.193 – 5.0.193
- Cisco / security_agent5.1 – 5.1
- Cisco / security_agent5.1.79 – 5.1.79
- Cisco / security_agent5.2 – 5.2
References
- MISChttp://securityreason.com/securityalert/3425
- VENDOR_ADVISORYhttp://secunia.com/advisories/27947
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2007/4103
- MISChttp://www.securitytracker.com/id?1019046
- VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml
- MISChttp://osvdb.org/39521
- MISChttp://www.securityfocus.com/archive/1/484669/100/100/threaded
- VENDOR_ADVISORYhttp://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsl00618
- MISChttp://www.securityfocus.com/bid/26723
- MISChttp://www.nsfocus.com/english/homepage/research/0702.htm