CVE-2000-1054

CiscoSecure ACS Server <2.4.2 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2000-1054. PoCs published by blackangels.

AI-analyzed exploit summary This Perl script exploits multiple Cisco vulnerabilities, including CVE-2000-1054 (CiscoSecure ACS for Windows NT DoS). It sends oversized packets to port 2002, causing the service to crash.

Description

Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.

Exploits (1)

exploitdb WORKING POC VERIFIED

by blackangels · perlremotewindows

https://www.exploit-db.com/exploits/20235

View Code ZIP pw:eip

This Perl script exploits multiple Cisco vulnerabilities, including CVE-2000-1054 (CiscoSecure ACS for Windows NT DoS). It sends oversized packets to port 2002, causing the service to crash.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: CiscoSecure ACS for Windows NT

No auth needed

Prerequisites: Network access to target · Port 2002 open

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Patch, Vendor Advisory vendor-advisory x_refsource_cisco

http://www.cisco.com/warp/public/707/csecureacsnt-pub.shtml

Patch, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/1705

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/5272

Scores

EPSS 0.0839

EPSS Percentile 94.3%

Details

Status published

Products (3)

cisco/secure_access_control_server 2.1

cisco/secure_access_control_server 2.3\(3\)

cisco/secure_access_control_server 2.4\(2\)

Published Dec 11, 2000

Tracked Since Feb 18, 2026