Two sets of vulnerabilities were discovered in the Cisco Secure Access
Control Server (ACS) for Windows User-Changeable Password (UCP) application and
reported to Cisco by Felix 'FX' Lindner, Recurity Labs GmbH.
The first set of vulnerabilities consists of several buffer overflow
conditions in the UCP application that could result in remote execution of
arbitrary code on the host system where UCP is installed.
The second set of vulnerabilities consists of cross-site scripting issues in the
UCP application pages.
Both sets of vulnerabilities could be exploited remotely and do not
require valid user credentials.
Cisco has released a free software update for UCP that addresses these
There are no workarounds that mitigate these vulnerabilities.
This advisory is posted at http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20080312-ucp.