Cisco DDR2200 and 2201v1 ADSL2+ Residential Gateway devices suffer from insecure direct object reference vulnerabilities that allow for remote code execution as well as a path traversal issue.
7653bf6d69854327291ba03c42436923b5ed5b87b1ea493bea7feccbee2bd185
Whitepaper called SYN Flood Attack for IP Cisco Phone. Written in French.
9d090aec17573df5115317729a90d24135b5138fb83e24c75fcf0568d1d4d36e
Cisco Prime Infrastructure versions 1.1 through 3.1.6 suffer from cross site scripting, XML external entity injection, file disclosure, and remote SQL injection vulnerabilities.
b99dc34bb1d4f4d0e0a2ab8dce19e42ad7671744eb78f870180c5ae19b9036d4
Apple Security Advisory 2017-05-15-2 - iOS 10.3.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.
f5820ea52b00fc116734e8b0de08fa5acad42cef92c5e3010010e8bff44f5cea
THC-Hydra is a high quality parallelized login hacker for Samba, Smbnt, Cisco AAA, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more. Includes SSL support, parallel scans, and is part of Nessus.
557ab284f877aa6c8a26f7491c0373a84836593e5e0ca141b327035e7937dd6d
Cisco Catalyst 2960 with IOS version 12.2(55)SE1 ROCEM remote code execution exploit.
664cf049a097afea8487d7fd5f96060b2a8fe64c9070c71dd9862fbd7af9b402
Cisco Catalyst 2960 with IOS version 12.2(55)SE11 ROCEM remote code execution exploit.
b5161013a8a0cd5cb9435330c4717f753537962b89333395f92f95889edba133
Apple Security Advisory 2017-03-27-4 - iOS 10.3 is now available and addresses code execution, information disclosure, denial of service, and various other vulnerabilities.
22e0875f79f9c63aedffc618f68fec412607d64473f27fd6f5dbacb83463532e
Apple Security Advisory 2017-03-27-1 - Pages 6.1, Numbers 4.1, and Keynote 7.1 for Mac; Pages 3.1, Numbers 3.1, and Keynote 3.1 for iOS are now available and address a weak cryptography issue.
745de5dc99e800c0cbfca86a9ccf2b5cb8002743aa72c1b9242d277e90c4b038
Cisco Security Advisory - A vulnerability in the Data-in-Motion (DMo) process installed with the Cisco IOx application environment could allow an unauthenticated, remote attacker to cause a stack overflow that could allow remote code execution with root privileges in the virtual instance running on an affected device. The vulnerability is due to insufficient bounds checking in the DMo process. An attacker could exploit this vulnerability by sending crafted packets that are forwarded to the DMo process for evaluation. The impacts of a successful exploit are limited to the scope of the virtual instance and do not impact the router that is hosting Cisco IOx. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
5690117646d6b3517de249b639b84ad6009dd63bbb933633ae322ba51a01b44e
Cisco Security Advisory - A vulnerability in the DHCP code for the Zero Touch Provisioning feature of Cisco ASR 920 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to a format string vulnerability when processing a crafted DHCP packet for Zero Touch Provisioning. An attacker could exploit this vulnerability by sending a specially crafted DHCP packet to an affected device. An exploit could allow the attacker to cause the device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
2758392fd2285e59de5765f4ed70e192889eb0b4cc11290f2945bbbaffd07401
Cisco Security Advisory - A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
8bea2ddcb93ad10635670df2af50464d0f21871575a44f527c5534396ab6f63d
Cisco Security Advisory - A vulnerability in the DHCP client implementation of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability occurs during the parsing of a crafted DHCP packet. An attacker could exploit this vulnerability by sending crafted DHCP packets to an affected device that is configured as a DHCP client. A successful exploit could allow the attacker to cause a reload of an affected device, resulting in a DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
9128134a4778e4b6128fd57912ce670d99b70dd87d2acfe189b66ebf145284ce
Cisco Security Advisory - A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges. The Cluster Management Protocol utilizes Telnet internally as a signaling and command protocol between cluster members. The vulnerability is due to the combination of two factors: The failure to restrict the use of CMP-specific Telnet options only to internal, local communications between cluster members and instead accept and process such options over any Telnet connection to an affected device, and The incorrect processing of malformed CMP-specific Telnet options. An attacker could exploit this vulnerability by sending malformed CMP-specific Telnet options while establishing a Telnet session with an affected Cisco device configured to accept Telnet connections. An exploit could allow an attacker to execute arbitrary code and obtain full control of the device or cause a reload of the affected device. Cisco will release software updates that address this vulnerability. There are no workarounds that address this vulnerability.
209636ac80e070405b945bd39606a236c49f1da456a8faee8149160ebe8d92bd
Cisco Security Advisory - A vulnerability in the Client Manager Server of Cisco Workload Automation and Cisco Tidal Enterprise Scheduler could allow an unauthenticated, remote attacker to retrieve any file from the Client Manager Server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted URL to the Client Manager Server. An exploit could allow the attacker to retrieve any file from the Cisco Workload Automation or Cisco Tidal Enterprise Scheduler Client Manager Server. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
0742ceb22f1861972c1748f3c5cd467a250c277f3d7a11eebfc96fd3898a494d
Cisco Security Advisory - A vulnerability in the web-based GUI of Cisco Mobility Express 1800 Series Access Points could allow an unauthenticated, remote attacker to bypass authentication. The attacker could be granted full administrator privileges. The vulnerability is due to improper implementation of authentication for accessing certain web pages using the GUI interface. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web interface of the affected system. A successful exploit could allow the attacker to bypass authentication and perform unauthorized configuration changes or issue control commands to the affected device. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
bd92cac44b2f149009706c1808ced146e1c0f4fc15a1754d8a0e09ca477ef530
Cisco Security Advisory - A privilege escalation vulnerability in the Secure Shell (SSH) subsystem in the StarOS operating system for Cisco ASR 5000 Series, ASR 5500 Series, ASR 5700 Series devices, and Cisco Virtualized Packet Core could allow an authenticated, remote attacker to gain unrestricted, root shell access. The vulnerability is due to missing input validation of parameters passed during SSH or SFTP login. An attacker could exploit this vulnerability by providing crafted user input to the SSH or SFTP command-line interface (CLI) during SSH or SFTP login. An exploit could allow an authenticated attacker to gain root privileges access on the router. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability can be triggered via both IPv4 and IPv6 traffic. An established TCP connection toward port 22, the SSH default port, is needed to perform the attack. The attacker must have valid credentials to login to the system via SSH or SFTP. Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are not available.
3af41f251d2f51e2bc77992540bef519775244270fbe2db95d0952bb965612f6
Cisco AnyConnect Start Before Logon (SBL) versions 4.3.04027 and below suffer from a local privilege escalation vulnerability.
a940cb43f59488ff489670ff1c373d98a9bcd072247f920b103d88a5edb179d8
Cisco ASA WebVPN CIFS handling buffer overflow conditions have been discovered.
5f13058e5f06f00a4c9e17b0e2cff240e100c10816e9044cab1647b9e216332f
Cisco Security Advisory - A vulnerability in the web-based GUI of Cisco UCS Director could allow an authenticated, local attacker to execute arbitrary workflow items with just an end-user profile. The vulnerability is due to improper role-based access control (RBAC) after the Developer Menu is enabled in Cisco UCS Director. Attackers could exploit this vulnerability by enabling Developer Mode for their user profile with an end-user profile and then adding new catalogs with arbitrary workflow items to the profile. An exploit could allow attackers to perform any actions defined by these workflow items, including actions affecting other tenants. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
af8ddd4b376f7c30e09926c47b62cf5a42d2a31626a7239edac7bdaa02886344
Cisco Security Response - Several researchers have reported on the use of Smart Install (SMI) protocol messages toward Smart Install clients, also known as integrated branch clients (IBC), allowing an unauthenticated, remote attacker to change the startup-config file and force a reload of the device, upgrade the IOS image on the device, and execute high-privilege CLI commands on switches running Cisco IOS and IOS XE Software. Cisco does not consider this a vulnerability in Cisco IOS, IOS XE, or the Smart Install feature itself but a misuse of the Smart Install protocol that by design does not require authentication.
710f50b6b06fe5e115b57cbe592f3bcdf8a41ddd4acd0ce1cfa610c91c585c24
Cisco Security Advisory - A vulnerability in Common Internet Filesystem (CIFS) code in the Clientless SSL VPN functionality of Cisco ASA Software could allow an authenticated, remote attacker to cause a heap overflow. The vulnerability is due to insufficient validation of user supplied input. An attacker could exploit this vulnerability by sending a crafted URL to the affected system. An exploit could allow the remote attacker to cause a reload of the affected system or potentially execute code. Note: Only traffic directed to the affected system can be used to exploit this vulnerability. This vulnerability affects systems configured in routed firewall mode only and in single or multiple context mode. This vulnerability can be triggered by IPv4 or IPv6 traffic. A valid TCP connection is needed to perform the attack. The attacker needs to have valid credentials to log in to the Clientless SSL VPN portal.
3c44810c1c923ca647c9e492ddffeb0477b936dcb0db527d5f8386e86bb91e2a
Cisco Security Advisory - A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system.
02b9c6f4f6e737456c42c90aad2a3b6e1af83ca3854fb613d016ca479d142536
Cisco Security Advisory - A vulnerability in the web-based GUI of Cisco Prime Home could allow an unauthenticated, remote attacker to bypass authentication and execute actions with administrator privileges. The vulnerability is due to a processing error in the role-based access control (RBAC) of URLs. An attacker could exploit this vulnerability by sending API commands via HTTP to a particular URL without prior authentication. An exploit could allow the attacker to perform any actions in Cisco Prime Home with administrator privileges. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability.
2b2b37f518d4ccc6b7169be17a2c17c139547bd38148a33f01b2283bdda1b7b5
This Metasploit module exploits a vulnerability present in the Cisco WebEx Chrome Extension version 1.0.1 which allows an attacker to execute arbitrary commands on a system.
6c42287dc4186a67ead4ee41cfd7c7d1bcf0bc8d846ea957b70ad1e16c11f4df