Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability

A vulnerability in the Session Initiation Protocol SIP inspection engine of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a deni...

Cisco Catalyst 2960 IOS 12.2(55)SE11 - ROCEM Remote Code Execution Exploit

Exploit for hardware platform in category remote exploits !/usr/bin/python Exploit Title: Cisco Catalyst 2960 - Buffer Overflow Exploit Details: https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/ Date: 04.10.2017 Exploit Author: https://twitter.com/artkond Vendor Homepage:...

Cisco Unity Connection目录遍历漏洞

Bugtraq ID:66676 CVE ID:CVE-2014-2145 Cisco Unity Connection 可以透明地将留言和语音识别组件与您的数据网络集成到一起，不间断地提供对呼叫和留言的全面访问。 Cisco Unity Connection的消息传送API在实现上存在目录遍历漏洞，这可使经过身份验证的远程用户通过.wav文件和audio/x-wav MIME类型的访问限制，利用此漏洞读取任意文件。 0 Cisco Unity Connection 目前厂商已经发布了升级补丁以修复漏洞，请下载使用：...

DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315]

Title ----- DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal CVE-2011-3315 Severity -------- High Date Discovered --------------- August 9, 2011 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit: r@b13$ Vulnerability Description...

NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation

High Risk Vulnerability in Cisco VPN client Windows 64 bit 25 March 2011 Gavin Jones of NGS Secure has discovered a High risk vulnerability in the Cisco VPN client Windows 64 bit. Impact: Privilege Escalation Cisco has released a patch that addresses the issue. The announcement of this patch can ...

Cisco Unity多个远程安全漏洞

BUGTRAQ ID: 31642 CVECAN ID: CVE-2008-4545,CVE-2008-4544,CVE-2008-4543,CVE-2008-4542 Cisco Unity是一个语音和统一的消息平台。 Cisco Unity中存在多个安全漏洞，可能允许恶意用户泄露敏感信息、导致拒绝服务或注入恶意脚本。 1 Cisco Unity中存在跨站脚本漏洞，远程攻击者可以向数据库提供恶意数据，当下一次管理员登录并访问依赖于存储信息的页面时，就可以执行跨站脚本。 2...

[Full-disclosure] Cisco PIX embryonic state machine TTL(n-1) DoS and Cisco PIX embryonic state machine 1b data DoS

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Response ============== This is Cisco PSIRT's response to the statements made by Arhont Ltd.- Information Security in their messages: "Full-disclosure Cisco PIX embryonic state machine TTLn-1 DoS" and "Full-disclosure Cisco PIX embryonic state...