EUVD-2008-1164

Malware in sbrugna...

Cisco Clean Access Manager filter SQL Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Clean Access Manager. Authentication is not required to exploit this vulnerability. The specific flaw is in the handling of filter URL parameters when constructing SQL database queries. By...

CVE-2008-1155

Cisco Network Admission Control NAC Appliance 3.5.x, 3.6.x before 3.6.4.4, 4.0.x before 4.0.6, and 4.1.x before 4.1.2 allows remote attackers to obtain the shared secret for the Clean Access Server CAS and Clean Access Manager CAM by sniffing error logs...

CVE-2007-0058

Cisco Clean Access CCA 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager CAM allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file...

Authentication flaw

Cisco Clean Access CCA 3.5.x through 3.5.9 and 3.6.x through 3.6.1.1 on the Clean Access Manager CAM allows remote attackers to bypass authentication and download arbitrary manual database backups by guessing the snapshot filename using brute force, then making a direct request for the file...