Lucene search
K

19 matches found

Talos Blog
Talos Blog
added 2018/04/05 6:55 a.m.21 views

Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client

Update: 4/9 Cisco PSIRT has released additional guidance available here. Cisco has recently become aware of specific advanced actors targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Several incidents in multiple countries, including some specifical...

7.4AI score
Exploits0
Talos Blog
Talos Blog
added 2018/02/06 11:15 a.m.115 views

Beers with Talos EP 22: Forget the ASA, Rob Joyce Favorited Craig’s Tweet

Beers with Talos BWT Podcast Episode 22 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP22 Show Notes: Recorded 2/2/18 - Guests two EPs in a row! We are joined by Omar Santos from Cisco PSI...

10CVSS9.5AI score0.87138EPSS
Exploits7
0day.today
0day.today
added 2017/10/24 12:0 a.m.75 views

Cisco Umbrella Virtual Appliance 2.0.3 Undocumented Support Tunnel Vulnerability

Cisco Umbrella Virtual Appliance versions 2.0.3 and below contain an undocumented, auto-initiated reverse SSH tunnel which allows the Cisco Umbrella support team to have persistent and unrestricted access to the virtual appliance. Cisco Umbrella Virtual Appliance - Undocumented Support Tunnel...

6CVSS6.6AI score0.00359EPSS
Exploits1
Cisco
Cisco
added 2017/10/20 9:0 p.m.64 views

Cisco AMP for Endpoints Static Key Vulnerability

On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to...

6.7CVSS6.4AI score0.003EPSS
Exploits0References1
Cisco
Cisco
added 2017/05/12 6:30 p.m.123 views

Intel Active Management Technology Privilege Escalation Vulnerability

On May 1st, 2017, Intel released a security advisory titled Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege, also known as INTEL-SA-00075. The advisory details a vulnerability in the Intel Active Management AMT, Intel...

10CVSS7.3AI score0.92189EPSS
Exploits7References1
0day.today
0day.today
added 2016/10/13 12:0 a.m.55 views

Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption

Exploit for windows platform in category dos / poc Application: Cisco Webex Player Platforms: Windows Versions: Cisco Webex Meeting Player version T29.10 Author: Francis Provencher of COSIG Website: https://cosig.gouv.qc.ca/en/advisory/ Twitter: @COSIG Date: August 31, 2016 CVE: CVE-2016-1415...

4.3CVSS5.5AI score0.05607EPSS
Exploits3
Cisco
Cisco
added 2015/12/17 5:22 p.m.35 views

Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability

A vulnerability in the HTTP server on the Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter EDVA could allow an unauthenticated, remote attacker to access sensitive information located on the device. The vulnerability is due to insufficient input...

5CVSS6.3AI score0.02439EPSS
Exploits0References1
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.26 views

Cisco/Protego CS-MARS < 4.2.1 (JBoss) Remote Code Execution Exploit

No description provided by source. !/usr/bin/perl Cisco/Protego CS-MARS 4.2.1 remote command execution, system compromise via insecure JBoss installation. Fully functional POC code by Jon Hart [email protected] Addressed in CSCse47646 CS-MARS is an event correlation product orginally written by...

7.1AI score
Exploits0
Cisco
Cisco
added 2013/01/09 4:0 p.m.38 views

Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability

Cisco Unified IP Phones 7900 Series versions 9.31SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges. This vulnerability is due to a failure to properly validate input passed to kerne...

6.8CVSS6.9AI score0.004EPSS
Exploits0References1
0day.today
0day.today
added 2012/10/12 12:0 a.m.50 views

Cisco WebEx .wrf Memory Corruption

Exploit for hardware platform in category local exploits -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Cisco WebEx .wrf Memory Corruption Vulnerability 1. Advisory Information Title: Cisco WebEx .wrf Memory Corruption Vulnerabili...

6.5AI score0.05155EPSS
Exploits1
0day.today
0day.today
added 2009/11/21 12:0 a.m.17 views

Cisco VPN Client Integer Overflow (DOS)

Exploit for unknown platform in category dos / poc ======================================= Cisco VPN Client Integer Overflow DOS ======================================= Title: Cisco VPN Client Integer Overflow DOS CVE-ID: OSVDB-ID: Author: Alex Hernandez Published: 2009-11-21 Verified: yes view...

7AI score
Exploits0
exploitpack
exploitpack
added 2009/11/21 12:0 a.m.13 views

Cisco VPN Client - Integer Overflow Denial of Service

Cisco VPN Client - Integer Overflow Denial of Service / Cisco VPN client version 5.0.03.0560 Cisco VPN client Version 5.0.04.0300 Cisco VPN client Version 5.0.05.0290 Cisco VPN client Version 4.8.02.0010 / / Cisco VPN Client 0day Integer overflow DOS Proof Of Concept Code By Alex Hernandez aka...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2009/11/21 12:0 a.m.30 views

Cisco VPN Client - Integer Overflow Denial of Service

/ Cisco VPN client version 5.0.03.0560 Cisco VPN client Version 5.0.04.0300 Cisco VPN client Version 5.0.05.0290 Cisco VPN client Version 4.8.02.0010 / / Cisco VPN Client 0day Integer overflow DOS Proof Of Concept Code By Alex Hernandez aka alt3kx c November 2009 This POC is only for test. If an...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2009/01/16 12:0 a.m.73 views

RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Paul Oxman with Cisco PSIRT. For mitigations and workarounds, please consult the Cisco Security Response available at: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml Regards From: showrun.lee mailto:[email protected]...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2007/05/12 12:0 a.m.54 views

Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server Advisory ID: cisco-sa-20070509-iosftp http://www.cisco.com/warp/public/707/cisco-sa-20070509-iosftp.shtml Revision 1.0 For Public Release 2007 May 09 1600 UTC GMT -...

0.3AI score
Exploits0
securityvulns
securityvulns
added 2006/07/27 12:0 a.m.98 views

RE: [Full-disclosure] Cisco VPN Concentrator IKE resource exhaustionDoS Advisory

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello: This is a Cisco PSIRT response to an advisory published by an unaffiliated third party, Roy Hills, of NTA Monitor Ltd posted as of July 26, 2006 at http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html, and entitled: Cisco VPN...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2006/06/18 12:0 a.m.49 views

RE: Cisco Secure ACS Cross Site Scripting Vulnerability.

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Cisco PSIRT response to the statements made by Thomas Liam Romanis of Fujitsu Services Limited in their posting to BugTraq on the 15th June 2006, regarding Cisco Secure ACS LoginProxy.CGI Cross-Site Scripting Vulnerability, located at...

6.6AI score
Exploits0
securityvulns
securityvulns
added 2006/04/20 12:0 a.m.52 views

Re: Multiple vulnerabilities in Linux based Cisco products

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is Cisco PSIRT's response to the privilege escalation vulnerability independently announced by Adam Pointon of Assurance.com.au and Mathieu Pepin of Axen Consulting. We would like to thank both Adam and Mathieu for bringing this issue to our...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2006/03/07 12:0 a.m.45 views

[Full-disclosure] Cisco PIX embryonic state machine TTL&#40;n-1&#41; DoS and Cisco PIX embryonic state machine 1b data DoS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in their messages: "Full-disclosure Cisco PIX embryonic state machine TTLn-1 DoS" and "Full-disclosure Cisco PIX embryonic state...

Exploits0
Rows per page
Query Builder