16 matches found
EUVD-2008-1744
Malware in sbrugna...
EUVD-2014-0774
Malware in sbrugna...
CVE-2014-0741
The certificate-import feature in the Certificate Authority Proxy Function CAPF CLI implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461...
CVE-2014-0742
The Certificate Authority Proxy Function CAPF CLI implementation in the CSR management feature in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464...
Code injection
The Certificate Authority Proxy Function CAPF CLI implementation in the CSR management feature in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via unspecified vectors, aka Bug ID CSCum95464...
Command injection
The Certificate Authority Proxy Function CAPF CLI implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to inject commands via unspecified CAPF programs, aka Bug ID CSCum95493...
Design/Logic Flaw
The certificate-import feature in the Certificate Authority Proxy Function CAPF CLI implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows local users to read or modify arbitrary files via a crafted command, aka Bug ID CSCum95461...
Authentication flaw
The Certificate Authority Proxy Function CAPF component in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468...
CVE-2014-0743
The Certificate Authority Proxy Function CAPF component in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to bypass authentication and modify registered-device information via crafted data, aka Bug ID CSCum95468...
Cisco Unified Communications Manager CAPF CLI Command Injection Vulnerability
A vulnerability in the Certificate Authority Proxy Function CAPF command-line interface CLI of Cisco Unified Communications Manager Cisco Unified CM could allow an authenticated, local attacker to inject commands into the underlying operating system. The vulnerability is due to insufficient input...
CVE-2014-0734
SQL injection vulnerability in the Certificate Authority Proxy Function CAPF implementation in Cisco Unified Communications Manager Unified CM 10.01 and earlier allows remote attackers to execute arbitrary SQL commands via a crafted URL, aka Bug ID CSCum46483...
CVE-2014-0734
CVE-2014-0734 affects Cisco Unified Communications Manager CAPF. The Certificate Authority Proxy Function fails to properly sanitize user input, enabling a remote attacker to craft a URL that executes arbitrary SQL commands. Affected: UCM 10.0(1) and earlier. Impact: potential data exposure/modif...
Cisco Unified Communications Manager CAPF Unauthenticated Blind SQL Injection Vulnerability
A vulnerability in the Certificate Authority Proxy Function CAPF of Cisco Unified Communications Manager Cisco Unified CM could allow an unauthenticated, remote attacker to impact the integrity of the system by executing arbitrary SQL queries. The vulnerability is due to a failure to validate...
Design/Logic Flaw
The Certificate Authority Proxy Function CAPF service in Cisco Unified Communications Manager CUCM 4.1 before 4.13SR7, 4.2 before 4.23SR4, and 4.3 before 4.32 allows remote attackers to cause a denial of service service crash via malformed network traffic, aka Bug ID CSCsk46770...
CVE-2008-1744
The Certificate Authority Proxy Function CAPF service in Cisco Unified Communications Manager CUCM 4.1 before 4.13SR7, 4.2 before 4.23SR4, and 4.3 before 4.32 allows remote attackers to cause a denial of service service crash via malformed network traffic, aka Bug ID CSCsk46770...
CVE-2008-1744
The Certificate Authority Proxy Function CAPF service in Cisco Unified Communications Manager CUCM 4.1 before 4.13SR7, 4.2 before 4.23SR4, and 4.3 before 4.32 allows remote attackers to cause a denial of service service crash via malformed network traffic, aka Bug ID CSCsk46770...