Exploit the possiblities
Showing 1 - 25 of 36 RSS Feed

Files

Cisco Security Advisory 20031210-ACNS-auth
Posted Dec 15, 2003
Authored by Cisco Systems | Site cisco.com

Cisco ACNS software prior to 4.2.11 or 5.0.5 contain a remotely exploitable buffer overflow which is triggered by a long password. Affected devices include Content Routers 4400 series, Content Distribution Manager 4600 series, Content Engine 500 and 7300 series, and Content Engine Module for Cisco Routers 2600, 3600 and 3700 series. Workaround is to disable the CE GUI with the command "no gui-server enable".

tags | overflow
systems | cisco
MD5 | 93625507bb30da8fc0ac7d3d633671b7
Cisco Security Advisory 20031202-SNMP-trap
Posted Dec 3, 2003
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory 20031202 - Cisco Aironet Access Points (AP) running Cisco IOS software will send any static Wired Equivalent Privacy (WEP) key in the cleartext to the Simple Network Management Protocol (SNMP) server if the snmp-server enable traps wlan-wep command is enabled. Cisco Aironet 1100, 1200, and 1400 series are affected, but the command is disabled by default.

tags | protocol
systems | cisco
MD5 | 65518f0742d4bd46b464f831a968adf3
Cisco-VPN-Client.txt
Posted Sep 18, 2002
Authored by Niels Heinen | Site ubizen.com

The Cisco VPN 5000 clients for Linux and Solaris contain buffer overflow vulnerabilities that can be used by local users to execute machine code with root privileges.

tags | overflow, local, root, vulnerability
systems | cisco, linux, solaris
MD5 | c6560559cd40d4e3f9c2d7d3f849c9cb
cisco-3000.txt
Posted Jul 12, 2002
Authored by Master Phi

The Cisco VPN3000 gateway lets remote client dictate which maximum MTU to use when sending back ESP frames, regardless of the transmitting capabilities of the physical medium. This can lead to denial of service conditions.

tags | remote, denial of service
systems | cisco
MD5 | 22abcad0808b4ff889974a197cfb521e
cisco.ssh.advisory.txt
Posted Jul 3, 2002
Site cisco.com

Cisco Security Advisory - Exploitation of the CRC 32 overflow can cause some Cisco devices to reboot. This vulnerability affects all devices running Cisco IOS Software supporting SSH, Cisco Catalyst 6000 switches running CatOS, Cisco PIX Firewall's and the Cisco 11000 Content Service Switch family.

tags | overflow
systems | cisco
MD5 | 992e4b18bd52d919e0beb5718654e265
cisco-vpn-client.txt
Posted Jun 20, 2002
Site cisco.com

Cisco Security Advisory - A buffer overflow in the Cisco VPN Clients for Linux, Solaris, and Mac OS X platforms can be exploited locally to gain local root access. This is fixed in v3.5.2.

tags | overflow, local, root
systems | cisco, linux, solaris, apple, osx
MD5 | a62ed0a23d87903525d301700049ea09
cisco-ata-186.txt
Posted May 25, 2002
Site cisco.com

Cisco Security Advisory - A vulnerability found in the web interface that comes with the Cisco ATA 186 Analog Telephone Adaptor be used to remotely disclose passwords by retrieving the router config via a specially crafted POST request.

tags | web, telephony
systems | cisco
MD5 | 75fbb19b5f876c5bdbac50ebafe9176e
cisco-cbos-dos.txt
Posted May 25, 2002
Site cisco.com

Cisco Security Advisory - Three new denial of service vulnerabilities involving large packets have been found in Cisco routers that are running the CBOS software. This affects the following Cisco devices: 605, 626, 627, 633, 673, 675, 675e, 676, 677, 677i and 678.

tags | denial of service, vulnerability
systems | cisco
MD5 | e15833ccbf8a5ab9f5a58121cdd65b31
cisco-ip-telephone.txt
Posted May 24, 2002
Site cisco.com

Cisco Security Advisory - Multiple Vulnerabilities in Cisco IP Telephones. Bugs found in the Cisco IP Telephones can result in denial of service conditions and allow unauthorized access to the configuration settings of the Cisco IP Phone models 7910, 7940, and 7960.

tags | denial of service, telephony, vulnerability
systems | cisco
MD5 | 5be4f91e288a97ccb48243948ce0260c
css-http-post-pub.txt
Posted May 19, 2002
Site cisco.com

Cisco Security Advisory - The Cisco Content Service Switch (CSS) 11000 series switches are susceptible to a denial of service attack caused by a soft reset due to improper handling of HTTP POST requests to the web management interface.

tags | web, denial of service
systems | cisco
MD5 | c5528c55d4552fbdeb5192f1a05a8c64
transparentcache-tcp-relay-vuln-pub.txt
Posted May 19, 2002
Site cisco.com

Cisco Security Advisory - Cisco Cache Engines and Content Engines provide a transparent cache for world wide web pages retrieved via HTTP. The default configuration of the proxy feature can be abused to open a TCP connection to any reachable destination IP address and hide the true IP source address of the connection allowing for anonymous port scanning, dos attacks, spam, etc.

tags | web, tcp
systems | cisco
MD5 | d7f5a2dacc30f1f3432c87d240e4cc7f
ubr900.txt
Posted Jan 8, 2002
Authored by Cushman | Site hack-net.com

The Cisco UBR 900 series routers allow remote users snmp read access with any community string.

tags | remote
systems | cisco
MD5 | 6eecb8ee11f2b4a9696a2d3c20fdd922
cisco.01-11-14.12xxx.icmp
Posted Nov 15, 2001
Site cisco.com

Cisco Security Advisory - A vulnerability causing performance degradation on Cisco 12000 series routers when receiving large numbers of ICMP Unreachable packets has been discovered.

systems | cisco
MD5 | 9d945b095955cb7d2951b1f559648487
cisco.01-11-14.12xxx.ACL
Posted Nov 15, 2001
Site cisco.com

Cisco Security Advisory - Six vulnerabilities involving ACLs have been discovered in multiple releases of Cisco IOSR Software Release for Cisco 12000 Series Internet Routers.

tags | vulnerability
systems | cisco
MD5 | 680b74148f9c721169d492e5e6d90534
cisco.01-09-26.pix.smtp
Posted Sep 27, 2001
Site cisco.com

Cisco Security Advisory - The Cisco Secure PIX firewall feature "mailguard" which limits SMTP commands to a specified minimum set of commands can be bypassed. To exploit this vulnerability, attackers must be able to make connections to an SMTP mail server protected by the PIX Firewall. All users of Cisco Secure PIX Firewalls with software versions 6.0(1), 5.2(5) and 5.2(4) that provide access to SMTP Mail services are at risk.

systems | cisco
MD5 | bd7bb40432ce6ef1c3c4e10f11438049
cisco.sn5420.txt
Posted Jul 12, 2001
Site cisco.com

Cisco Security Advisory - Vulnerabilities in Cisco SN 5420 Storage Routers. Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack. The other allows unrestricted low level access to the SN 5420. The vulnerabilities are exploited via TCP ports 514 and 8023.

tags | tcp, vulnerability
systems | cisco
MD5 | 217a13ba3ed96b040635c794eb890afe
ios-snmp-community-vulns-pub.txt
Posted Mar 2, 2001
Site cisco.com

Cisco Security Advisory - Many IOS and CatOS releases contain several independent but related vulnerabilities involving the unexpected creation and exposure of SNMP community strings. These vulnerabilities can be exploited to permit the unauthorized viewing or modification of affected devices. To fix, install the free upgrade or block UDP port 161.

tags | udp, vulnerability
systems | cisco
MD5 | d4e9d6200eee994707a7fb10f80484c3
cisco.00-12-06.memleak
Posted Dec 7, 2000
Site cisco.com

Cisco Security Advisory - Catalyst Memory Leak Vulnerability. A series of failed telnet authentication attempts to the switch can cause the Catalyst Switch to fail to pass traffic or accept management connections until the system is rebooted or a power cycle is performed. All types of telnet authentication are affected, including Kerberized telnet, and AAA authentication.

tags | memory leak
systems | cisco
MD5 | 9b1539403f297d72a54b5354e0c90da1
cisco.00-09-27.ciscosecure_pix
Posted Oct 7, 2000
Site cisco.com

Cisco Advisory - The Cisco Secure PIX firewall feature "mailguard," which limits SMTP commands to a specified minimum set of commands, can be bypassed. This vulnerability can be exploited to bypass SMTP command filtering. All users of Cisco Secure PIX Firewalls with software versions up to and including 4.4(5), 5.0(3), 5.1(2) and 5.2(1) that provide access to SMTP Mail services are at risk. The IOS Firewall featureset is not affected by either of the above defects.

systems | cisco
MD5 | 11bcea2f363499cdbbbf1465aa2bbe19
cisco.00-09-21.ciscosecure_acs
Posted Sep 22, 2000
Site cisco.com

Cisco Security Advisory - This advisory highlights three vulnerabilities found in the CiscoSecure Access Control Server for Windows NT. The first bug is a buffer overflow in the CSAdmin module that allows a malicious user to execute arbitrary code or crash the module by sending an oversized packet to TCP port 2002. The second vulnerability involves sending an oversized TACACS+ packet to the CiscoSecure ACS thereby creating an unstable condition within the system conducive to denial of service attacks. Lastly, the enable password can be bypassed to gain unauthorized access to a router or switch if the interaction is between an LDAP server that allows null passwords and a CiscoSecure ACS for Windows NT. All releases of CiscoSecure ACS for Windows NT Server up to and including 2.1(x), 2.3(3), and 2.4(2) are vulnerable. CiscoSecure ACS for UNIX is not affected.

tags | denial of service, overflow, arbitrary, tcp, vulnerability
systems | cisco, windows, unix, nt
MD5 | f911feded42207577565c591a9f00715
cisco.00-08-03.gigabit
Posted Aug 4, 2000
Site cisco.com

Cisco Security Advisory - A defect in Cisco IOS Software running on all models of Gigabit Switch Routers (GSRs) configured with Gigabit Ethernet or Fast Ethernet cards may cause packets to be forwarded without correctly evaluating configured access control lists (ACLs). In addition to circumventing the access control lists, it is possible to stop an interface from forwarding any packets, thus causing a denial of service. There is no workaround - Customers are urged to upgrade to unaffected versions of software as soon as possible.

tags | denial of service
systems | cisco
MD5 | 27ef81cd0e03f8f503abba3d498f04ef
cisco.00-07-11.tcpreset
Posted Jul 22, 2000
Site cisco.com

Cisco Secure PIX Firewall TCP Reset Vulnerability - The Cisco Secure PIX Firewall cannot distinguish between a forged TCP Reset (RST) packet and a genuine TCP RST packet because the sequence number is not checked. Any TCP/IP connection established through the Cisco Secure PIX Firewall can be terminated by a third party from the untrusted network if the connection can be uniquely determined. If only source ip / destination ip / destination port are known, a RST packet can be sent with each source port.

tags | tcp
systems | cisco
MD5 | 0d51fab0034e2a9fac7169070d05a8a2
cisco.00-04-20.telnet
Posted Apr 23, 2000

Cisco Security Advisory: Cisco IOS Software TELNET Option Handling Vulnerability. A defect in multiple Cisco IOS software versions will cause a Cisco router to reload unexpectedly when the router is tested for security vulnerabilities by security scanning software programs. The defect can be exploited repeatedly to produce a consistent denial of service (DoS) attack. Vulnerable releases include 11.3AA, 12.0(2) up to and including 12.0(6), and 12.0(7).

tags | denial of service, vulnerability
systems | cisco
MD5 | 27305612e78c4c70907ce2f5433761ed
cisco.00-04-19.enable
Posted Apr 23, 2000

Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability. Cisco Catalyst software permits unauthorized access to the enable mode in the 5.4(1) release. Once initial access is granted, access can be obtained for the higher level "enable" mode without a password.

tags | bypass
systems | cisco
MD5 | 37453138d933754d84c8a8577b6d9cc1
cisco.pix-ftp.txt
Posted Mar 20, 2000
Site cisco.com

The Cisco Secure PIX Firewall interprets FTP (File Transfer Protocol) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities.

tags | vulnerability, protocol
systems | cisco
MD5 | de9c219fb628efe10d5cdecd1afde90a
Page 1 of 2
Back12Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
Cash Converters Reveals Data Breach
Posted Nov 16, 2017

tags | headline, hacker, cybercrime, data loss, fraud, identity theft
Kaspersky Defends Its Role In NSA Breach
Posted Nov 16, 2017

tags | headline, government, malware, usa, russia, data loss, spyware, nsa
McAfee Anti-Hacking Service Exposed Users To Banking Malware
Posted Nov 16, 2017

tags | headline, malware, bank, cybercrime, fraud, flaw, identity theft, mcafee
DJI Bug Bounty NDA Is 'Not Signable', Say Irate Infosec Researchers
Posted Nov 16, 2017

tags | headline, hacker, flaw
Government Just Figures Out You Can Hack Planes Remotely Due To Poor Design
Posted Nov 15, 2017

tags | headline, government, usa, flaw, terror
UK Security Chief Blames Russia For Hacks
Posted Nov 15, 2017

tags | headline, hacker, government, britain, russia, cyberwar
Forbes 30 Under 30 Conference Site Exposed Attendee Details
Posted Nov 15, 2017

tags | headline, privacy, data loss, flaw, conference
The Motherboard Guide To Not Getting Hacked
Posted Nov 15, 2017

tags | headline, hacker, privacy, data loss, fraud, identity theft
Votes In 18 Nations 'Hacked' In Last Year
Posted Nov 14, 2017

tags | headline, government, usa, russia, fraud, cyberwar, social
Shut The Front Door: Jewson Admits To Data Breach
Posted Nov 14, 2017

tags | headline, hacker, privacy, data loss
View More News →
packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close