67 matches found
Cisco Network Analysis Module (NAM) Detection (HTTP)
HTTP based detection of the Cisco Network Analysis Module NAM. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Cisco Network Analysis Module Detection (SSH Login)
SSH login-based detection of Cisco Network Analysis Module. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
Cisco Network Analysis Module Cross-Site Scripting Vulnerability
Cisco is a leading global provider of networking solutions. A cross-site scripting vulnerability exists in Cisco Network Analysis Module due to a failure to adequately validate input. An attacker could exploit the vulnerability by convincing a NAM user to visit a malicious Web site...
Cisco Network Analysis Module Cross-Site Scripting Vulnerability
A vulnerability in the login page of the Cisco Network Analysis Module NAM could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by convincing the NAM us...
Internet Security Systems Protocol Analysis Module ICQ Parsing Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9913/info It has been reported that the Internet Security Systems ISS Protocol Analysis Module is prone to a remote buffer overflow vulnerability when parsing the ICQ protocol. This issue exists due to insufficient bounds...
[Pac4Mac] Forensics Framework for Mac OS X
Pac4Mac Plug And Check for Mac OS X is a portable Forensics framework to launch from USB storage allowing extraction and analysis session informations in highlighting the real risks in term of information leak history, passwords, technical secrets, business secrets, .... Pac4Mac can be used to...
Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
Cisco Catalyst 6000, 6500 series and Cisco 7600 series that have a Network Analysis Module installed are affected by a vulnerability, which could allow an attacker to gain complete control of the system. Only Cisco Catalyst systems that have a NAM on them are affected. This vulnerability affects...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in 1 PreSearch.html and 2 PreSearch.class in Cisco Secure Access Control Server ACS, VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage...
Design/Logic Flaw
The Network Analysis Module NAM in Cisco Catalyst Series 6000, 6500, and 7600 allows remote attackers to execute arbitrary commands via certain SNMP packets that are spoofed from the NAM's own IP address...
Cisco Security Advisory: Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM (Network Analysis Module) Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Catalyst 6000, 6500 Series and Cisco 7600 Series NAM Network Analysis Module Vulnerability Advisory ID: cisco-sa-20070228-nam Revision 1.0 For Public Release 2007 February 28 -...
Cisco Catalist Network Analysis Module unauthorized SNMP access
It's possible to get full access to device via spoofed SNMP packets...
CVE-2004-1840
CVE-2004-1840 affects the MS Analysis module 2.0 for PHP-Nuke. The vulnerability is multiple cross-site scripting (XSS) flaws that allow remote attackers to inject arbitrary JavaScript/HTML via (1) screen parameter to modules.php, (2) module_name parameter to title.php, (3) sortby parameter to mo...
CVE-2004-1841
SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request...
CVE-2004-1841
CVE-2004-1841 concerns a SQL injection in MS Analysis module 2.0 for PHP-Nuke, allowing remote attackers to execute arbitrary SQL via the Referer header in an HTTP request. The available documents identify the affected component and the general vulnerability class but do not provide version-speci...
CVE-2004-1840
Multiple cross-site scripting XSS vulnerabilities in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the 1 screen parameter to modules.php, 2 modulename parameter to title.php, 3 sortby parameter to modules.php, or 4 overview parameter to...
CVE-2004-1839
MS Analysis module 2.0 for PHP-Nuke exposes full path disclosure via direct requests to browsers.php, mstrack.php, or title.php, enabling Information Disclosure without user interaction. Root cause: PHP error messages reveal filesystem paths. The provided documents do not specify a patched versio...
CVE-2004-1841
SQL injection vulnerability in MS Analysis module 2.0 for PHP-Nuke allows remote attackers to execute arbitrary SQL via the referer field in an HTTP request...
CVE-2004-0193
Heap-based buffer overflow in the ISS Protocol Analysis Module PAM, as used in certain versions of RealSecure Network 7.0 and Server Sensor 7.0, Proventia A, G, and M Series, RealSecure Desktop 7.0 and 3.6, RealSecure Guard 3.6, RealSecure Sentry 3.6, BlackICE PC Protection 3.6, and BlackICE Serv...
CVE-2004-0193
CVE-2004-0193 describes a heap-based buffer overflow in the ISS Protocol Analysis Module (PAM) used by RealSecure/BlackICE products. An SMB authentication request with a long username allows a remote attacker to execute arbitrary code. Affected: RealSecure Network 7.0 and Server Sensor 7.0, Prove...
Internet Security Systems Protocol Analysis Module ICQ - Parsing Buffer Overflow
// source: https://www.securityfocus.com/bid/9913/info It has been reported that the Internet Security Systems ISS Protocol Analysis Module is prone to a remote buffer overflow vulnerability when parsing the ICQ protocol. This issue exists due to insufficient bounds checking performed on certain...