CVE-2004-1112

Cisco Security Agent - Buffer Overflow

Title source: rule

Description

The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.

References (4)

[Vendor Advisory] http://www.ciac.org/ciac/bulletins/p-036.shtml

[Vendor Advisory] http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml

[Vendor Advisory] http://www.securityfocus.com/bid/11659

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/18037

Scores

EPSS 0.0088

EPSS Percentile 75.0%

Classification

Status draft

Affected Products (6)

cisco/security_agent

okena/stormwatch

Timeline

Published Jan 10, 2005

Tracked Since Feb 18, 2026