20 matches found
EUVD-2011-0975
Malware in sbrugna...
EUVD-2006-4969
Malware in sbrugna...
EUVD-2006-4968
Malware in sbrugna...
EUVD-2012-5903
Malware in sbrugna...
EUVD-2013-1217
Malware in sbrugna...
CVE-2013-1124
The Cisco Network Admission Control NAC agent on Mac OS X does not verify the X.509 certificate of an Identity Services Engine ISE server during an SSL session, which allows man-in-the-middle attackers to spoof ISE servers via an arbitrary certificate, aka Bug ID CSCub24309...
Cisco Network Admission Control Guest Server System Software Authentication Bypass (cisco-sa-20110330-nac)
The remote Cisco Network Admission Control NAC Manager may be affected by an access restriction bypass vulnerability in the RADIUS authentication software. This vulnerability could allow a remote/unauthenticated attacker access to a protected network. C Tenable Network Security, Inc...
Cisco Network Admission Control Manager SQL Injection (cisco-sa-20130417-nac)
The remote Cisco Network Admission Control NAC Manager may be affected by a SQL injection vulnerability. This vulnerability could allow an unauthenticated, remote attacker to take full control of the system i.e. access, create or modify any information in the NAC Manager database. C Tenable Netwo...
CVE-2013-1177
SQL injection vulnerability in Cisco Network Admission Control NAC Manager before 4.8.3.1 and 4.9.x before 4.9.2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka Bug ID CSCub23095...
CVE-2012-6029
Multiple cross-site scripting XSS vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 cm or 2 uri parameters to a perfigoweblogin.jsp, or the 3 cm, 4 provider, 5 session, 6 uri, 7...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 cm or 2 uri parameters to a perfigoweblogin.jsp, or the 3 cm, 4 provider, 5 session, 6 uri, 7...
CVE-2012-6029
CVE-2012-6029 affects Cisco NAC Appliance 4.9.2 and earlier. The vulnerability is a set of cross-site scripting flaws in the web-authentication flow, exploitable by an unauthenticated, remote attacker who persuades a user to follow a malicious URL. Specifically, XSS can be triggered via parameter...
CVE-2012-6029
Multiple cross-site scripting XSS vulnerabilities in the web-authentication function on the Cisco NAC Appliance 4.9.2 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 cm or 2 uri parameters to a perfigoweblogin.jsp, or the 3 cm, 4 provider, 5 session, 6 uri, 7...
Directory traversal
Directory traversal vulnerability in Cisco Network Admission Control NAC Manager 4.8.x allows remote attackers to read arbitrary files via crafted traffic to TCP port 443, aka Bug ID CSCtq10755...
CVE-2011-0963
The default configuration of the RADIUS authentication feature on the Cisco Network Admission Control NAC Guest Server with software before 2.0.3 allows remote attackers to bypass intended access restrictions and obtain network connectivity via unspecified vectors, aka Bug ID CSCtj66922...
Trend Micro OfficeScan Policy Server CGI buffer overflow
Added: 03/03/2008 CVE: CVE-2008-1365 BID: 28020 OSVDB: 42500 Background Trend Micro OfficeScan is a centralized virus and security scan management system. Problem A buffer overflow vulnerability in the Policy Server for Cisco NAC component allows remote attackers to execute arbitrary commands by...
CVE-2006-4983
Cisco NAC allows quarantined devices to communicate over the network with 1 DNS, 2 DHCP, and 3 EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols...
CVE-2006-4982
Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address o...
CVE-2006-4983
Cisco NAC allows quarantined devices to communicate over the network with 1 DNS, 2 DHCP, and 3 EAPoUDP, which allows attackers to bypass control methods by tunneling network traffic through one of these protocols...
CVE-2006-4982
Cisco NAC maintains an exception list that does not record device properties other than MAC address, which allows physically proximate attackers to bypass control methods and join a local network by spoofing the MAC address of a different type of device, as demonstrated by using the MAC address o...