19 matches found
Critical Infrastructure at Risk: Advanced Actors Target Smart Install Client
Update: 4/9 Cisco PSIRT has released additional guidance available here. Cisco has recently become aware of specific advanced actors targeting Cisco switches by leveraging a protocol misuse issue in the Cisco Smart Install Client. Several incidents in multiple countries, including some specifical...
Beers with Talos EP 22: Forget the ASA, Rob Joyce Favorited Craig’s Tweet
Beers with Talos BWT Podcast Episode 22 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP22 Show Notes: Recorded 2/2/18 - Guests two EPs in a row! We are joined by Omar Santos from Cisco PSI...
Cisco Umbrella Virtual Appliance 2.0.3 Undocumented Support Tunnel Vulnerability
Cisco Umbrella Virtual Appliance versions 2.0.3 and below contain an undocumented, auto-initiated reverse SSH tunnel which allows the Cisco Umbrella support team to have persistent and unrestricted access to the virtual appliance. Cisco Umbrella Virtual Appliance - Undocumented Support Tunnel...
Cisco AMP for Endpoints Static Key Vulnerability
On October 20th, 2017, Cisco PSIRT was notified by the internal product team of a security vulnerability in the Cisco AMP For Endpoints application that would allow an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to...
Intel Active Management Technology Privilege Escalation Vulnerability
On May 1st, 2017, Intel released a security advisory titled Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege, also known as INTEL-SA-00075. The advisory details a vulnerability in the Intel Active Management AMT, Intel...
Cisco Webex Player T29.10 - '.ARF' Out-of-Bounds Memory Corruption
Exploit for windows platform in category dos / poc Application: Cisco Webex Player Platforms: Windows Versions: Cisco Webex Meeting Player version T29.10 Author: Francis Provencher of COSIG Website: https://cosig.gouv.qc.ca/en/advisory/ Twitter: @COSIG Date: August 31, 2016 CVE: CVE-2016-1415...
Cisco Model DPQ3925 Wireless Residential Gateway Information Disclosure Vulnerability
A vulnerability in the HTTP server on the Cisco Model DPQ3925 8x4 DOCSIS 3.0 Wireless Residential Gateway with Embedded Digital Voice Adapter EDVA could allow an unauthenticated, remote attacker to access sensitive information located on the device. The vulnerability is due to insufficient input...
Cisco/Protego CS-MARS < 4.2.1 (JBoss) Remote Code Execution Exploit
No description provided by source. !/usr/bin/perl Cisco/Protego CS-MARS 4.2.1 remote command execution, system compromise via insecure JBoss installation. Fully functional POC code by Jon Hart [email protected] Addressed in CSCse47646 CS-MARS is an event correlation product orginally written by...
Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability
Cisco Unified IP Phones 7900 Series versions 9.31SR1 and prior contain an arbitrary code execution vulnerability that could allow a local attacker to execute code or modify arbitrary memory with elevated privileges. This vulnerability is due to a failure to properly validate input passed to kerne...
Cisco WebEx .wrf Memory Corruption
Exploit for hardware platform in category local exploits -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Cisco WebEx .wrf Memory Corruption Vulnerability 1. Advisory Information Title: Cisco WebEx .wrf Memory Corruption Vulnerabili...
Cisco VPN Client Integer Overflow (DOS)
Exploit for unknown platform in category dos / poc ======================================= Cisco VPN Client Integer Overflow DOS ======================================= Title: Cisco VPN Client Integer Overflow DOS CVE-ID: OSVDB-ID: Author: Alex Hernandez Published: 2009-11-21 Verified: yes view...
Cisco VPN Client - Integer Overflow Denial of Service
Cisco VPN Client - Integer Overflow Denial of Service / Cisco VPN client version 5.0.03.0560 Cisco VPN client Version 5.0.04.0300 Cisco VPN client Version 5.0.05.0290 Cisco VPN client Version 4.8.02.0010 / / Cisco VPN Client 0day Integer overflow DOS Proof Of Concept Code By Alex Hernandez aka...
Cisco VPN Client - Integer Overflow Denial of Service
/ Cisco VPN client version 5.0.03.0560 Cisco VPN client Version 5.0.04.0300 Cisco VPN client Version 5.0.05.0290 Cisco VPN client Version 4.8.02.0010 / / Cisco VPN Client 0day Integer overflow DOS Proof Of Concept Code By Alex Hernandez aka alt3kx c November 2009 This POC is only for test. If an...
RE: DoS code for Cisco VLAN Trunking Protocol Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Paul Oxman with Cisco PSIRT. For mitigations and workarounds, please consult the Cisco Security Response available at: http://www.cisco.com/warp/public/707/cisco-sr-20081105-vtp.shtml Regards From: showrun.lee mailto:[email protected]...
Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in the IOS FTP Server Advisory ID: cisco-sa-20070509-iosftp http://www.cisco.com/warp/public/707/cisco-sa-20070509-iosftp.shtml Revision 1.0 For Public Release 2007 May 09 1600 UTC GMT -...
RE: [Full-disclosure] Cisco VPN Concentrator IKE resource exhaustionDoS Advisory
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello: This is a Cisco PSIRT response to an advisory published by an unaffiliated third party, Roy Hills, of NTA Monitor Ltd posted as of July 26, 2006 at http://www.nta-monitor.com/posts/2006/07/cisco-concentrator-dos.html, and entitled: Cisco VPN...
RE: Cisco Secure ACS Cross Site Scripting Vulnerability.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, This is Cisco PSIRT response to the statements made by Thomas Liam Romanis of Fujitsu Services Limited in their posting to BugTraq on the 15th June 2006, regarding Cisco Secure ACS LoginProxy.CGI Cross-Site Scripting Vulnerability, located at...
Re: Multiple vulnerabilities in Linux based Cisco products
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 This is Cisco PSIRT's response to the privilege escalation vulnerability independently announced by Adam Pointon of Assurance.com.au and Mathieu Pepin of Axen Consulting. We would like to thank both Adam and Mathieu for bringing this issue to our...
[Full-disclosure] Cisco PIX embryonic state machine TTL(n-1) DoS and Cisco PIX embryonic state machine 1b data DoS
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in their messages: "Full-disclosure Cisco PIX embryonic state machine TTLn-1 DoS" and "Full-disclosure Cisco PIX embryonic state...