40 matches found
EUVD-2007-0061
Malware in sbrugna...
EUVD-2006-4418
Malware in sbrugna...
EUVD-2005-2632
Malware in sbrugna...
EUVD-2005-4818
Malware in sbrugna...
EUVD-2008-1164
Malware in sbrugna...
EUVD-2007-0062
Malware in sbrugna...
CVE-2005-4825
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service disk consumption, or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332...
Cisco Clean Access Manager filter SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Clean Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw is in the handling of filter URL parameters when constructing SQL database queries. By...
Cisco Clean Access Manager sortColumn SQL Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Clean Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw is in the handling of sortColumn URL parameters when constructing SQL database queries. B...
Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Network Admission Control Shared Secret Vulnerability Advisory ID: cisco-sa-20080416-nac http://www.cisco.com/warp/public/707/cisco-sa-20080416-nac.shtml Revision 1.0 For Public Release 2008 April 16 1600 UTC GMT Summary...
CVE-2008-1155
Cisco Network Admission Control NAC Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server CAS and Clean Access Manager CAM by sniffing error logs...
CVE-2005-4825
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service disk consumption, or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332...
CVE-2005-4825
Cisco Clean Access 3.5.5 and earlier on Secure Smart Manager is affected. The CVE describes that remote attackers can bypass authentication and cause a denial of service (disk consumption) or access unauthorized files by uploading files through requests to certain JSP scripts. The underlying issu...
Multiple Cisco Clean Access vulnerabilities
Shared secret for client access is same for all devices and can not be changed. Location of database backup snapshot can be bruteforced and downloaded without authentication...
Cisco Clean Access可猜测快照文件漏洞
Cisco Clean Access CCA是一款用于自动检测、隔离、清除受恶意代码感染的设备访问网络解决方案。 Cisco Clean Access处理快照文件名存在问题,远程攻击者可以利用漏洞下载数据库文件获得敏感信息。 Cisco Clean Access手工备份的数据库快照存在文件名可猜测并下载影响,攻击者可能无需认证下载到备份数据库,而此数据库文件没有加密及其他保护。此漏洞的Cisco Bug ID为CSCsd48626,影响如下的CCA版本: CCA releases 3.5.x - 3.5.9 CCA releases 3.6.x - 3.6.1.1 Cisco Clean...
Authentication flaw
Cisco Clean Access CCA 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access...
Authentication flaw
Cisco Clean Access CCA 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager CAM allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file...
CVE-2007-0057
Cisco Clean Access CCA 3.6.x through 3.6.4.2 and 4.0.x through 4.0.3.2 does not properly configure or allow modification of a shared secret authentication key, which causes all devices to have the same shared sercet and allows remote attackers to gain unauthorized access...
CVE-2007-0058
Cisco Clean Access CCA 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager CAM allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file...
CVE-2007-0057
CVE-2007-0057 affects Cisco Clean Access (CCA) 3.6.x (3.6.4.2 and earlier) and 4.0.x (4.0.3.2 and earlier). The root cause is improper configuration or modification of the shared secret authentication key, causing all devices to share the same secret. This enables remote attackers to gain unautho...