Chinese Hackers Caught by US water control system Honeypots

A notorious Chinese hacker collective known as APT1 or Comment Crew, possibly linked to the Chinese Army, have been caught red handed breaking into a fake United States water control system i.e. known as a Honeypot. Kyle Wilhoit, a researcher with security company Trend Micro has just revealed th...

[SECURITY] Fedora 19 Update: subversion-1.7.11-1.fc19

Subversion is a concurrent version control system which enables one or more users to collaborate in developing and maintaining a hierarchy of files and directories while keeping a history of all changes. Subversion only stores the differences between versions, instead of every complete file...

Fedora Update for kremotecontrol FEDORA-2013-13112

Check for the Version of kremotecontrol OpenVAS Vulnerability Test Fedora Update for kremotecontrol FEDORA-2013-13112 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify ...

Cisco Wireless Control System SQL Injection (cisco-sa-20100811-wcs) (credentialed check)

According to its self-reported version, the version of Cisco Wireless Control System installed on the remote host is 6.0.x before 6.0.196.0. Such versions have a SQL injection vulnerability. A remote, authenticated attacker could exploit this to modify the configuration of WCS or any wireless...

Cisco Wireless Control System Installed (Linux)

Cisco Wireless Control System WCS is installed on the remote host. WCS is used as the management component for Cisco Unified Wireless Network. TRUSTED...

Cisco Secure Access Control System Version

The remote host is running Cisco Secure Access Control System ACS, an access control management and appliance system. It is possible to get the ACS version number via SSH. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69133; scriptversion"1.5";...

Cisco Wireless Control System Installed (Windows)

Cisco Wireless Control System WCS is installed on the remote host. WCS is used as the management component for Cisco Unified Wireless Network. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid69131; scriptversion"1.9";...

Cisco Prime Network / Wireless Control System Health Monitor Detection

The web interface for Cisco Prime Network / Wireless Control System Health Monitor was detected on the remote host. Health Monitor is used to manage the high availability implementation for Network / Wireless Control System. C Tenable Network Security, Inc. include"compat.inc"; if description...

Cisco Prime Network / Wireless Control System Health Monitor Reflected XSS

The version of Health Monitor a component of Cisco Prime Network / Wireless Control System hosted on the remote web server is affected by a reflective cross-site scripting vulnerability. Input to the 'requestUrl' parameter is not properly sanitized. An attacker could exploit this by tricking a us...

[SECURITY] Fedora 18 Update: kremotecontrol-4.10.5-1.fc18

KRemoteControl formerly known as KDELirc is a KDE frontend for your remote controls. It allows to configure actions for button presses on remotes. All types of remotes supported by the Solid module in the KDE platform are also supported by KRemoteControl e.g. with the Linux Infrared Remote Contro...

Cisco Secure Access Control System Help Index Cross-Site Scripting Vulnerability

A vulnerability in the Access Control System Help index page of Cisco Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input...

Cisco Secure Access Control System Administration Page Cross-Site Scripting Vulnerability

A vulnerability in the Administration pages of Cisco Access Control System ACS could allow an unauthenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web interface of the affected system. The vulnerability is due to insufficient input validation of a...

Cisco Secure Access Control System Error Condition Information Disclosure Vulnerability

An issue in the web interface of Cisco Secure Access Control System ACS could allow an authenticated, remote attacker to view detailed error message information. The issue is due to insufficient filtering of error condition output. An attacker could exploit this issue by forcing the system to...

Cisco Secure Access Control System Admin/View Page Cross-Site Request Forgery Vulnerability

A vulnerability in the Cisco Access Control System ACS Administration and View pages could allow an unauthenticated, remote attacker to perform a cross-site request forgery CSRF attack. The vulnerability is due to insufficient CSRF protections. An attacker could exploit this vulnerability by...

CVE-2013-3428

The web interface in Cisco Secure Access Control System ACS does not properly suppress error-condition details, which allows remote authenticated users to obtain sensitive information via an unspecified request that triggers an error, aka Bug ID CSCue65957...

CVE-2013-3428

CVE-2013-3428 affects Cisco Secure Access Control System (ACS). The web interface does not properly suppress error-condition details due to insufficient filtering of error output, allowing remote authenticated users to obtain sensitive information via an error-triggering request (Bug ID CSCue6595...

CVE-2013-3424

Cross-site request forgery CSRF vulnerability in Administration and View pages in Cisco Secure Access Control System ACS allows remote attackers to hijack the authentication of arbitrary users, aka Bug ID CSCud75177...

CVE-2013-3422

Cross-site scripting XSS vulnerability in Administration pages in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka Bug ID CSCud75165...

CVE-2013-3423

Cross-site scripting XSS vulnerability in the web interface in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174...

Cross site scripting

Cross-site scripting XSS vulnerability in the web interface in Cisco Secure Access Control System ACS allows remote attackers to inject arbitrary web script or HTML via an unspecified field, aka Bug ID CSCud75174...