21 matches found
EUVD-2016-7300
Malware in sbrugna...
EUVD-2015-6319
Malware in sbrugna...
The vulnerability of Cisco Virtual Wide Area Application Services software for ENCS 5400-W and CSP 5000-W devices, which stems from the use of pre-installed registration data, allows a perpetrator to increase their privileges.
The vulnerability of Cisco Virtual Wide Area Application Services software for ENCS 5400-W and CSP 5000-W devices is related to the use of pre-installed registration data. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
SaltStack Salt Master Server Root Key Disclosure
This module exploits unauthenticated access to the prepauthinfo method in the SaltStack Salt master's ZeroMQ request server, for versions 2019.2.3 and earlier and 3000.1 and earlier, to disclose the root key used to authenticate administrative commands to the master. VMware vRealize Operations...
The vulnerability of Cisco VPN Client software allows a malicious individual to increase their privileges.
The vulnerability in dne2000.sys of Citrix Deterministic Network Enhancer for Cisco VPN Client, Blue Coat WinProxy, SafeNet SoftRemote, and HighAssurance Remote allows local users to elevate their privileges by using a specially crafted request called DNEIOCTL DeviceIoControl to the \.\DNE device...
Cisco Virtual Topology System拒绝服务漏洞
No description provided by source...
CVE-2015-6377
Cisco Virtual Topology System VTS 2.00 and 2.01 allows remote attackers to cause a denial of service CPU and memory consumption, and TCP port outage via a flood of crafted TCP packets, aka Bug ID CSCux13379...
Cisco Virtual Topology System TCP Connection Functionality Denial of Service Vulnerability
A vulnerability in TCP connection handling by Cisco Virtual Topology System VTS devices could allow an unauthenticated, remote attacker to disable TCP ports and cause a denial of service DoS condition due to high CPU and memory utilization. The vulnerability is due to a lack of rate limiting in t...
Cisco Virtual Security Gateway OpenSSL Alternative Certificate Validation Bypass (cisco-sa-20150710-openssl)
The remote Cisco Virtual Security Gateway device is affected by a certificate validation bypass vulnerability in the bundled OpenSSL library due to a flaw in the X509verifycert function in x509vfy.c that is triggered when locating alternate certificate chains in cases where the first attempt to...
Cisco Virtual WSA / ESA / SMA default keys
Default ssh keys are installed...
Authentication flaw
The remote-support feature on Cisco Web Security Virtual Appliance WSAv, Email Security Virtual Appliance ESAv, and Security Management Virtual Appliance SMAv devices before 2015-06-25 uses the same default SSH root authorized key across different customers' installations, which makes it easier f...
Cisco Virtual Central Office 4000 (VCO/4K) 5.1.3 - Remote Username and Password Retrieval
No description provided by source. source: http://www.securityfocus.com/bid/1885/info A vulnerability exists in the Cisco Virtual Central Office 4000 VCO/4K programmable voice switch running software versions 5.13 and earlier. The usernames and passwords for the device's SNMP administration...
CVE-2013-5556
The license-installation module on the Cisco Nexus 1000V switch 4.21SV15.2b and earlier for VMware vSphere, Cisco Nexus 1000V switch 5.21SM15.1 for Microsoft Hyper-V, and Cisco Virtual Security Gateway 4.21VSG11 for Nexus 1000V switches allows local users to gain privileges and execute arbitrary...
CVE-2013-5556
The license-installation module on the Cisco Nexus 1000V switch 4.21SV15.2b and earlier for VMware vSphere, Cisco Nexus 1000V switch 5.21SM15.1 for Microsoft Hyper-V, and Cisco Virtual Security Gateway 4.21VSG11 for Nexus 1000V switches allows local users to gain privileges and execute arbitrary...
Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability (cisco-sa-20120215-nxos)
Cisco NX-OS Software is affected by a denial of service DoS vulnerability that could cause Cisco Nexus 1000v, 1010, 5000, and 7000 Series Switches, and the Cisco Virtual Security Gateway VSG for Nexus 1000V Series Switches, that are running affected versions of Cisco NX-OS Software to reload when...
CVE-2002-1108
Cisco Virtual Private Network VPN Client software 2.x.x, and 3.x before 3.6Rel, when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel...
CVE-2002-1106
Cisco Virtual Private Network VPN Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks...
CVE-2000-0955
Cisco Virtual Central Office 4000 VCO/4K uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges...
CVE-2000-0955
Cisco Virtual Central Office 4000 VCO/4K uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain privileges...
Cisco Virtual Central Office 4000 (VCO4K) 5.1.3 - Remote Username Password Retrieval
Cisco Virtual Central Office 4000 VCO4K 5.1.3 - Remote Username Password Retrieval source: https://www.securityfocus.com/bid/1885/info A vulnerability exists in the Cisco Virtual Central Office 4000 VCO/4K programmable voice switch running software versions 5.13 and earlier. The usernames and...