CVE-2004-1459

Name of the Vulnerable Software and Affected Versions: Cisco Secure Access Control Server (ACS) version 3.2

Description: The issue allows remote attackers to cause a denial of service, resulting in a device crash, via certain LEAP authentication requests when the Cisco Secure Access Control Server is configured as a LEAP RADIUS proxy.

Recommendations: For Cisco Secure Access Control Server (ACS) version 3.2, consider disabling the LEAP RADIUS proxy functionality as a temporary workaround until a patch is available. Restrict access to the LEAP authentication requests to minimize the risk of exploitation.