What is the vulnerability ID for the buffer overflow issue in Cisco Security Agent?

The vulnerability ID for the buffer overflow issue in Cisco Security Agent is CVE-2004-1112.

What is the severity of CVE-2004-1112?

CVE-2004-1112 is considered to be a critical vulnerability due to the potential for remote attackers to exploit it.

How can I fix CVE-2004-1112?

To fix CVE-2004-1112, update Cisco Security Agent to version 4.0.3 or later.

What systems are affected by CVE-2004-1112?

CVE-2004-1112 affects Cisco Security Agent versions 3.x and 4.0 through 4.0.2, as well as Cisco Okena StormWatch 3.x.

How does CVE-2004-1112 allow exploitations during the five-minute wait time?

CVE-2004-1112 allows remote attackers to send additional buffer overflow attacks during the five-minute wait period before the process terminates.

Vulnerability/
CVE-2004-1112

medium

5.1

CWE

NVD-CWE-Other 119

1/12/2004

8/8/2024

CVE-2004-1112: Buffer Overflow

First published: Wed Dec 01 2004(Updated: )

The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Cisco Security Agent	=3
Cisco Security Agent	=4.0
Cisco Security Agent	=4.0.1
Cisco Security Agent	=4.0.2
Cisco Security Agent	=4.0.3
Cisco Okena StormWatch	=3.x

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for the buffer overflow issue in Cisco Security Agent?
The vulnerability ID for the buffer overflow issue in Cisco Security Agent is CVE-2004-1112.
What is the severity of CVE-2004-1112?
CVE-2004-1112 is considered to be a critical vulnerability due to the potential for remote attackers to exploit it.
How can I fix CVE-2004-1112?
To fix CVE-2004-1112, update Cisco Security Agent to version 4.0.3 or later.
What systems are affected by CVE-2004-1112?
CVE-2004-1112 affects Cisco Security Agent versions 3.x and 4.0 through 4.0.2, as well as Cisco Okena StormWatch 3.x.
How does CVE-2004-1112 allow exploitations during the five-minute wait time?
CVE-2004-1112 allows remote attackers to send additional buffer overflow attacks during the five-minute wait period before the process terminates.

agent/references
agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/author
agent/severity
agent/last-modified-date
agent/weakness
agent/description
agent/event
agent/first-publish-date
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/cisco
canonical/cisco security agent
version/cisco security agent/3
version/cisco security agent/4.0
version/cisco security agent/4.0.1
version/cisco security agent/4.0.2
version/cisco security agent/4.0.3
vendor/okena
canonical/cisco okena stormwatch
version/cisco okena stormwatch/3.x

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.