Lucene search

473 matches found

securityvulns
added 2012/06/25 12:0 a.m., 31 views

Cisco Application Control Engine privilege escalation

Context administrator can access wrong context...

7.1 CVSS, 4 AI score, 0.01016 EPSS
Exploits: 0, References: 1

securityvulns
added 2012/06/25 12:0 a.m., 46 views

Cisco Security Advisory: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability

Cisco Application Control Engine Administrator IP Address Overlap Vulnerability. Advisory ID: cisco-sa-20120620-ace. Revision 1.0. For Public Release 2012 June 20 16:00 UTC (GMT)...

0.8 AI score
Exploits: 0

Cisco
added 2012/06/20 4:0 p.m., 24 views

Cisco Application Control Engine Administrator IP Address Overlap Vulnerability

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.1 CVSS, 6.2 AI score, 0.01016 EPSS
Exploits: 0, References: 1

seebug.org
added 2012/05/22 12:0 a.m., 47 views

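Pligg CMS 1.2.1 SQL Injection Vulnerability

Bugtraq ID: 53625 Pligg CMS is a content management system. The admin/adminindex.php, admin/adminusers.php, and module.php scripts included in Pligg CMS do not properly filter user-supplied input; remote attackers can exploit the vulnerability to carry out SQL injection attacks and obtain database information or take control of the application. 0 Pligg CMS 1.2.1 Vendor solution: Pligg CMS 1.2.2 has fixed this vulnerability; users are advised to download and use it: http://forums.pligg.com/downloads.php?do=file&id=15...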

6.9 AI score
Exploits: 0

ThreatPost
added 2011/11/28 6:30 p.m., 9 views

Twitter Snaps Up Mobile Security Firm WhisperSystems

Micro blogging site Twitter has acquired Whispersystems, a maker of mobile security software, according to a statement posted on the WhisperSystems Web site. The Bay Area startup notified its users of the acquisition in a blog post on Monday, saying that Whisper would be integrating its technolog...

1 AI score
Exploits: 0, References: 4

securityvulns
added 2011/11/16 12:0 a.m., 73 views

Apple Mac Os X sandbox protection bypass

It's possible to bypass sandbox restriction by controlling different applications...

7.6 CVSS, 3.2 AI score, 0.03533 EPSS
Exploits: 11, References: 1, Affected Software: 1

Packet Storm
added 2011/10/09 12:0 a.m., 41 views

GotoCode Online Classifieds Access Bypass

Exploit Title : GotoCode Online Classifieds Multiple Vulnerabilities Vulnerability : Privilege Escalation / Remote Database Download Date : 09/10/2011 Author : Nathaniel Carew Email : [email protected] Impact : High Software Link : http://www.gotocode.com/apps.asp?appid=5& Platform : ASP.NET Test...

0.9 AI score
Exploits: 0

NVD
added 2010/08/17 5:41 a.m., 12 views

CVE-2010-2825

Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine ACE Module with software A21.x before A21.6, A22.x before A22.3, and A23.x before A23.1 for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine ACE 4710...

7.8 CVSS, 6.7 AI score, 0.01205 EPSS
Exploits: 0, References: 1

Prion
added 2010/08/17 5:41 a.m., 11 views

Design/Logic Flaw

Unspecified vulnerability on the Cisco Application Control Engine ACE Module with software A21.x before A21.6, A22.x before A22.3, and A23.x before A23.1 for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service device reload via a sequence of...

7.8 CVSS, 7.1 AI score, 0.01763 EPSS
Exploits: 0, References: 1, Affected Software: 1

Cisco
added 2010/08/11 4:0 p.m., 28 views

Multiple Vulnerabilities in the Cisco ACE Application Control Engine Module and Cisco ACE 4710 Application Control Engine

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

7.8 CVSS, 5.9 AI score, 0.01763 EPSS
Exploits: 0, References: 1

NVD
added 2010/07/06 5:17 p.m., 15 views

CVE-2010-2629

The Cisco Content Services Switch CSS 11500 with software 8.20.4.02 and the Application Control Engine ACE 4710 with software A23.0 do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling...

7.5 CVSS, 6.7 AI score, 0.01471 EPSS
Exploits: 0, References: 5

Cvelist
added 2010/07/06 2:0 p.m., 22 views

CVE-2010-1576

The Cisco Content Services Switch CSS 11500 with software before 8.20.4.02 and the Application Control Engine ACE 4710 with software before A23.0 do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to...

6.6 AI score, 0.01834 EPSS
Exploits: 2, References: 6

Cvelist
added 2010/07/06 2:0 p.m., 25 views

CVE-2010-2629

The Cisco Content Services Switch CSS 11500 with software 8.20.4.02 and the Application Control Engine ACE 4710 with software A23.0 do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling...

6.7 AI score, 0.01471 EPSS
Exploits: 0, References: 5

exploitpack
added 2010/05/07 12:0 a.m., 10 views

Cisco Application Control Engine (ACE) - HTTP Parsing Security

Cisco Application Control Engine ACE - HTTP Parsing Security source: https://www.securityfocus.com/bid/40002/info Cisco Application Control Engine ACE is prone to a security weakness that may allow attackers to obfuscate HTTP server log entries. Attackers can exploit this issue to avoid having...

7.4 AI score
Exploits: 0

Exploit DB
added 2010/05/07 12:0 a.m., 20 views

Cisco Application Control Engine (ACE) - HTTP Parsing Security

source: https://www.securityfocus.com/bid/40002/info Cisco Application Control Engine ACE is prone to a security weakness that may allow attackers to obfuscate HTTP server log entries. Attackers can exploit this issue to avoid having client IP addresses logged by servers. GET / HTTP / 1 . 1 HOST:...

7.4 AI score
Exploits: 0

seebug.org
added 2009/05/23 12:0 a.m., 16 views

Winamp 5.551 MAKI Parsing Integer Overflow PoC

No description provided by source. Winamp 5.551 MAKI Parsing Integer Overflow Vulnerability. This is just a simple PoC code to show how to exploit the recent MAKI file parsing vulnerability. Tested on: Vista SP1 and XP SP3. Release Date: May 22 2009. Vendor's web site: http://www.winamp.com/ Version...

7.1 AI score
Exploits: 0

seebug.org
added 2009/03/19 12:0 a.m., 17 views

Talkative IRC 0.4.4.16 Remote Stack Overflow Exploit (SEH)

No description provided by source. !/usr/bin/perl Title: Talkative IRC 0.4.4.16 Remote Stack Overflow Exploit SEH Summary: The easiest and fastest way to meet people online. With Talkative IRC you can chat with thousands of people at the same time. Find people with the same interests as you. Join...

7.1 AI score
Exploits: 0

NVD
added 2009/02/26 4:17 p.m., 21 views

CVE-2009-0623

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.3 and Cisco ACE 4710 Application Control Engine Appliance before A32.1 allows remote attackers to cause a denial of service device reload via a crafted SSH packet...

7.8 CVSS, 6.5 AI score, 0.01265 EPSS
Exploits: 1, References: 2

Prion
added 2009/02/26 4:17 p.m., 24 views

Design/Logic Flaw

Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.2 and Cisco ACE 4710 Application Control Engine Appliance before A18a allows remote authenticated users to execute arbitrary operating-system commands through a command...

9 CVSS, 7.8 AI score, 0.0147 EPSS
Exploits: 1, References: 2, Affected Software: 1

Prion
added 2009/02/26 4:17 p.m., 22 views

Design/Logic Flaw

Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.1 uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, which makes it easier for remote attackers to perform configuration changes or obtain operating-system access...

10 CVSS, 7.2 AI score, 0.01839 EPSS
Exploits: 1, References: 2, Affected Software: 1