17 matches found
EUVD-2005-2632
Malware in sbrugna...
EUVD-2007-0062
Malware in sbrugna...
EUVD-2005-4818
Malware in sbrugna...
EUVD-2007-0061
Malware in sbrugna...
CVE-2005-4825
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service disk consumption, or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332...
Cisco Clean Access Manager sortColumn SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Clean Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw is in the handling of sortColumn URL parameters when constructing SQL database queries. B...
Cisco Clean Access可猜测快照文件漏洞
Cisco Clean Access CCA是一款用于自动检测、隔离、清除受恶意代码感染的设备访问网络解决方案。 Cisco Clean Access处理快照文件名存在问题,远程攻击者可以利用漏洞下载数据库文件获得敏感信息。 Cisco Clean Access手工备份的数据库快照存在文件名可猜测并下载影响,攻击者可能无需认证下载到备份数据库,而此数据库文件没有加密及其他保护。此漏洞的Cisco Bug ID为CSCsd48626,影响如下的CCA版本: CCA releases 3.5.x - 3.5.9 CCA releases 3.6.x - 3.6.1.1 Cisco Clean...
Authentication flaw
Cisco Clean Access CCA 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access...
Cisco Clean Access多个远程安全漏洞
Cisco Clean Access CCA是一种用于自动检测、隔离、清除受恶意代码感染的设备访问网络的软件解决方案。 CCA的实现上存在两个安全漏洞,远程攻击得可能利用这些漏洞获取非授权访问或得到敏感信息。 CCA与Cisco Clean Access Manager CAM交互时,交互双方需要相同的密钥,CAM端的密钥在CAM和CAS初始化时设定,CCA实现上的漏洞使此密钥不可被更改,网络上所有相关的设备共享了相同的密钥,可能导致非授权访问。此漏洞的Cisco Bug ID为CSCsd48626,影响如下的CCA版本: CCA releases 3.6.x - 3.6.4.2 CCA...
Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Clean Access Advisory ID: cisco-sa-20070103-CleanAccess http://www.cisco.com/warp/public/707/cisco-sa-20070103-CleanAccess.shtml Revision 1.0 For Public Release 2007 January 03 1600 UTC GMT -...
Multiple Vulnerabilities in Cisco Clean Access
...
CVE-2006-4430
The Cisco Network Admission Control NAC 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access CCA Agent and bypass local and remote protection mechanisms by modifying 1 the HTTP User-Agent header or 2 the behavior of the TCP/IP stack. NOTE: the vendor has...
Multiple Cisco Clean Access network admission control appliance vulnerabilities
It's possible to upload files to server without authentication...
[SA18103] Cisco Clean Access Manager Obsolete JSP Files Vulnerability
TITLE: Cisco Clean Access Manager Obsolete JSP Files Vulnerability SECUNIA ADVISORY ID: SA18103 VERIFY ADVISORY: http://secunia.com/advisories/18103/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network SOFTWARE: Cisco Clean Access CCA 3.x http://secunia.com/product/5561/ DESCRIPTION: Al...
DoS in Cisco Clean Access
Date of release: 16/12/2005 Software: Cisco Clean Access/Perfigo CleanMachines http://www.cisco.com/en/US/products/ps6128/index.html Affected versions: Tested on 3.5.5, assumed all =current. Risk: Medium/High Discovered by: Alex Lanstein Background -------- Cisco Clean Access is an easily deploye...
Unauthorized Cisco Clean Access virus isolation solution API access
No description provided...
Cisco Clean Access Unauthenticated API Access
...