what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 19 of 19 RSS Feed

Files

RecurityLabs_Cisco_ACS_UCP_advisory.txt
Posted Mar 13, 2008
Authored by FX | Site recurity-labs.com

The Cisco Secure Access Control Server (ACS) for Windows User-Changeable Password (UCP) application suffers from buffer overflow and cross site scripting vulnerabilities. Details provided.

tags | exploit, overflow, vulnerability, xss
systems | cisco, windows
advisories | CVE-2008-0532, CVE-2008-0533
SHA-256 | a242258bd4975d682d6d762fee35ed4b8fd3212690cec9f6401fbc5d74109bb6

Related Files

Cisco Security Advisory 20130828-acs
Posted Aug 28, 2013
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A vulnerability in the EAP-FAST authentication module of Cisco Secure Access Control Server (ACS) versions 4.0 through 4.2.1.15 could allow an unauthenticated, remote attacker to execute arbitrary commands on the Cisco Secure ACS server. This vulnerability is only present when Cisco Secure ACS is configured as a RADIUS server. The vulnerability is due to improper parsing of user identities used for EAP-FAST authentication. An attacker could exploit this vulnerability by sending crafted EAP-FAST packets to an affected device. An exploit could allow the attacker to execute arbitrary commands on the Cisco Secure ACS server and take full control of the affected server. There are no workarounds for this vulnerability. Cisco has released free software updates that address this vulnerability.

tags | advisory, remote, arbitrary
systems | cisco
SHA-256 | 24f4eb4918b68ce6f025d4f11b936967593ada6bace57a42d482fdba12d618c3
Zero Day Initiative Advisory 11-091
Posted Feb 24, 2011
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 11-091 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Secure Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within CSDWebInstaller.ocx ActiveX control. The vulnerable Cisco-signed ActiveX control verifies the signing authority names in the certificate chain but fails to properly verify the digital signature of an executable file that is downloaded and executed by the Cisco Secure Desktop installation process. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.

tags | advisory, remote, arbitrary, activex
systems | cisco
advisories | CVE-2011-0926
SHA-256 | aa42da94f61aa15c9fbe1d3b89ebac14865a9cc7a35d7077701ed758089765f6
Cisco Security Advisory 20100217-csa
Posted Feb 17, 2010
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Management Center for Cisco Security Agents is affected by a directory traversal vulnerability and a SQL injection vulnerability. Successful exploitation of the directory traversal vulnerability may allow an authenticated attacker to view and download arbitrary files from the server hosting the Management Center. Successful exploitation of the SQL injection vulnerability may allow an authenticated attacker to execute SQL statements that can cause instability of the product or changes in the configuration. Additionally, the Cisco Security Agent is affected by a denial of service (DoS) vulnerability. Successful exploitation of the Cisco Security Agent agent DoS vulnerability may cause the affected system to crash. Repeated exploitation could result in a sustained DoS condition. These vulnerabilities are independent of each other.

tags | advisory, denial of service, arbitrary, vulnerability, sql injection
systems | cisco
advisories | CVE-2010-0146, CVE-2010-0147, CVE-2010-0148
SHA-256 | 89168264ce3123b644a7cdc45c7829cc364b9057312f73f74dba55d5259b1325
Core Security Technologies Advisory 2010.0106
Posted Feb 2, 2010
Authored by Core Security Technologies | Site coresecurity.com

Core Security Technologies Advisory - The Cisco Secure Desktop web application does not sufficiently verify if a well-formed request was provided by the user who submitted the POST request, resulting in a cross-site scripting vulnerability. In order to be able to successfully make the attack, the Secure Desktop application on the Cisco Appliance must be turned on.

tags | exploit, web, xss
systems | cisco
advisories | CVE-2010-0440
SHA-256 | f8c48a5475b2b0502d92201a787561418f197b00968eea66badd89e44af41aab
Cisco Security Advisory 20090121-csm
Posted Jan 21, 2009
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Cisco Security Manager contains a vulnerability when it is used with Cisco IPS Event Viewer (IEV) that results in open TCP ports on both the Cisco Security Manager server and IEV client. An unauthenticated, remote attacker could leverage this vulnerability to access the MySQL databases or IEV server.

tags | advisory, remote, tcp
systems | cisco
advisories | CVE-2008-3820
SHA-256 | b226f4be76ab01dd4f1812dcdb417b7003248e443d0399aea14cdb496da02b86
cisco-sr-20080903-csacs.txt
Posted Sep 3, 2008
Site cisco.com

Cisco Security Advisory - A specially crafted Remote Authentication Dial In User Service (RADIUS) Extensible Authentication Protocol (EAP) Message Attribute packet sent to the Cisco Secure Access Control Server (ACS) can crash the CSRadius and CSAuth processes of Cisco Secure ACS. Because this affects CSAuth all authentication requests via RADIUS or TACACS+ will be affected during exploitation of this vulnerability.

tags | advisory, remote, protocol
systems | cisco
advisories | CVE-2008-2441
SHA-256 | 03d2b3ad06e56bf03200206d5acb2d150486c95c36526b6ba7e8707ba224b692
Cisco Security Advisory 20080312-ucp
Posted Mar 13, 2008
Authored by FX, Cisco Systems | Site cisco.com

Cisco Security Advisory - Two sets of vulnerabilities were discovered in the Cisco Secure Access Control Server (ACS) for Windows User-Changeable Password (UCP) application. The first set of vulnerabilities address several buffer overflow conditions in the UCP application that could result in remote execution of arbitrary code on the host system where UCP is installed. The second set of vulnerabilities address cross-site scripting in the UCP application pages.

tags | advisory, remote, overflow, arbitrary, vulnerability, xss
systems | cisco, windows
advisories | CVE-2008-0532, CVE-2008-0533
SHA-256 | f88707ab17b43b63e07bb9e4fd28777a8d510ea5523d765ef65f2564020d2700
NSFOCUS Security Advisory 2007.2
Posted Dec 7, 2007
Authored by NSFOCUS | Site nsfocus.com

The NSFOCUS Security Team has discovered a remote buffer overflow vulnerability in the Cisco Security Agent for Windows which allows remote code execution by sending a malicious SMB request. Cisco Security Agent for Windows versions below 4.5.1.672, 5.0.0.225, 5.1.0.106, and 5.2.0.238 are affected.

tags | advisory, remote, overflow, code execution
systems | cisco, windows
advisories | CVE-2007-5580
SHA-256 | 9ef2052ed0feac6a9b02205d8939b2c0d2731983696db52d924b4105a07d1cc5
Cisco Security Advisory 20071205-csa
Posted Dec 6, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A buffer overflow vulnerability exists in a system driver used by the Cisco Security Agent for Microsoft Windows. This buffer overflow can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution.

tags | advisory, overflow, arbitrary, kernel, code execution
systems | cisco, windows
SHA-256 | d6feb3ae1ee89b617ef815ece5040454f7d85e317d3b91ac3b902fda7d1785b4
Cisco Security Advisory 20070221-supplicant
Posted Feb 24, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Secure Services Client (CSSC) is a software client that enables customers to deploy a single authentication framework using the 802.1X authentication standard across multiple device types to access both wired and wireless networks. A lightweight version of the CSSC client is also a component of the Cisco Trust Agent (CTA) within the Cisco Network Admission Control (NAC) Framework solution. These products are affected by multiple vulnerabilities including privilege escalations and information disclosure.

tags | advisory, vulnerability, info disclosure
systems | cisco
SHA-256 | eb78c56a832abfabd061e6ef8eea55e0f5e27cfc9bf39f65d5b4f45509d7cd8b
Cisco Security Advisory 20070118-certs
Posted Jan 20, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Security Monitoring, Analysis and Response System (CS-MARS) and the Cisco Adaptive Security Device Manager (ASDM) do not validate the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) certificates or Secure Shell (SSH) public keys presented by devices they are configured to connect to. Malicious users may be able to use this lack of certificate or public key validation to impersonate the devices that these affected products connect to, which could then be used to obtain sensitive information or misreport information.

tags | advisory, shell
systems | cisco
SHA-256 | ccfd62f8ef5c8bdeb0ddd735a47a5501e06d41c18b7a12414c1f951751146e9a
Cisco Security Advisory 20070105-csacs
Posted Jan 13, 2007
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Certain versions of Cisco Secure Access Control Server (ACS) for Windows and the Cisco Secure ACS Solution Engine (here after both referred to as purely Cisco Secure ACS) are affected by multiple vulnerabilities that cause specific Cisco Secure services to crash. Two of the vulnerabilities may permit arbitrary code execution after exploitation of the specified vulnerability.

tags | advisory, arbitrary, vulnerability, code execution
systems | cisco, windows
advisories | CVE-2006-4098, CVE-2006-4097
SHA-256 | bcf8f5af9d271d39db49f3c8440f13aea3e9f2af9c1dd8455ef32c407eece986
CiscoACSvuln.txt
Posted Jun 27, 2006
Authored by Darren Bounds

A vulnerability has been identified in the Cisco Secure ACS session management architecture which could be exploited by an attacker to obtain full administrative access to the web interface and thus all managed assets (routers, switches, 802.1x authenticated networks, etc). Cisco Secure ACS 4.x for Windows is affected. Legacy versions may also be affected.

tags | advisory, web
systems | cisco, windows
SHA-256 | fbf80693021296569355b9ad54cadd3aa96fd503cd199519dd68a9b42c2c781e
Cisco Security Advisory 20060111-mars
Posted Jan 15, 2006
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - The Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains a default password for an undocumented administrative account. This password is set, without any user intervention, during installation of the software used by CS-MARS appliances, and is the same in all installations of the product. Users must be authenticated to the CS-MARS command line in order to utilize the default password to access the administrative account. Software version 4.1.2 and earlier of CS-MARS are affected by this vulnerability. Customers running software version 4.1.3 or higher can mitigate the effects of this vulnerability by applying the workaround listed in this advisory.

tags | advisory
systems | cisco
SHA-256 | d4f3424c2aa15b7e9158c3cac90ddd89ad3408aa27512049c22d68e012d8c449
Cisco Security Advisory 20041102-acs-eap-tls
Posted Nov 5, 2004
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - A Cisco Secure Access Control Server (ACS) that is configured to use Extensible Authentication Protocol-Transport Layer Security (EAP-TLS) to authenticate users to the network will allow access to any user that uses a cryptographically correct certificate as long as the user name is valid. Cryptographically correct means that the certificate is in the appropriate format and contains valid fields. The certificate can be expired, or come from an untrusted Certificate Authority (CA) and still be cryptographically correct. Only version 3.3.1 of the Cisco Secure ACS for Windows and Cisco Secure ACS Solution Engine is affected by this vulnerability.

tags | advisory, protocol
systems | cisco, windows
SHA-256 | 5d9223d179086964baa6711e3d4713507dccf6304265e119bbcf3b8eb1a60d52
cisco.01-09-26.pix.smtp
Posted Sep 27, 2001
Site cisco.com

Cisco Security Advisory - The Cisco Secure PIX firewall feature "mailguard" which limits SMTP commands to a specified minimum set of commands can be bypassed. To exploit this vulnerability, attackers must be able to make connections to an SMTP mail server protected by the PIX Firewall. All users of Cisco Secure PIX Firewalls with software versions 6.0(1), 5.2(5) and 5.2(4) that provide access to SMTP Mail services are at risk.

systems | cisco
SHA-256 | 844d365f0b47bcd0fed7bc74723706ea4c035e7ea51e5d953adcdb2706897b20
cisco.00-09-27.ciscosecure_pix
Posted Oct 7, 2000
Site cisco.com

Cisco Advisory - The Cisco Secure PIX firewall feature "mailguard," which limits SMTP commands to a specified minimum set of commands, can be bypassed. This vulnerability can be exploited to bypass SMTP command filtering. All users of Cisco Secure PIX Firewalls with software versions up to and including 4.4(5), 5.0(3), 5.1(2) and 5.2(1) that provide access to SMTP Mail services are at risk. The IOS Firewall featureset is not affected by either of the above defects.

systems | cisco
SHA-256 | 3fd96653c343f5d7653e249d522f740519cd8396a9f30cc652f351a0e895f840
cisco.00-07-11.tcpreset
Posted Jul 22, 2000
Site cisco.com

Cisco Secure PIX Firewall TCP Reset Vulnerability - The Cisco Secure PIX Firewall cannot distinguish between a forged TCP Reset (RST) packet and a genuine TCP RST packet because the sequence number is not checked. Any TCP/IP connection established through the Cisco Secure PIX Firewall can be terminated by a third party from the untrusted network if the connection can be uniquely determined. If only source ip / destination ip / destination port are known, a RST packet can be sent with each source port.

tags | tcp
systems | cisco
SHA-256 | b1f7eb96541775acb267d750a7136e421f2b6437fb5e1dadef4de9c99dc843d6
cisco.pix-ftp.txt
Posted Mar 20, 2000
Site cisco.com

The Cisco Secure PIX Firewall interprets FTP (File Transfer Protocol) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities.

tags | vulnerability, protocol
systems | cisco
SHA-256 | d9dd5eea66870d2029e813abe94d615ab12458e3e984c0e779c9e025f32d89b2
Page 1 of 1
Back1Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    13 Files
  • 9
    Aug 9th
    13 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close