982 matches found
CVE-2006-4430
The Cisco Network Admission Control NAC 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access CCA Agent and bypass local and remote protection mechanisms by modifying 1 the HTTP User-Agent header or 2 the behavior of the TCP/IP stack. NOTE: the vendor has...
CVE-2005-4825
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service disk consumption, or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332...
Multiple Cisco Clean Access network admission control appliance vulnerabilities
It's possible to upload files to server without authentication...
[SA18103] Cisco Clean Access Manager Obsolete JSP Files Vulnerability
TITLE: Cisco Clean Access Manager Obsolete JSP Files Vulnerability SECUNIA ADVISORY ID: SA18103 VERIFY ADVISORY: http://secunia.com/advisories/18103/ CRITICAL: Less critical IMPACT: DoS WHERE: From local network SOFTWARE: Cisco Clean Access CCA 3.x http://secunia.com/product/5561/ DESCRIPTION: Al...
CVE-2005-4332
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager is affected by CVE-2005-4332. The issue allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files, specifically admin/uploadclient.jsp, apply_firmware_ac...
CVE-2005-4332
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including 1 admin/uploadclient.jsp, 2 applyfirmwareaction.jsp, and 3 file.jsp...
DoS in Cisco Clean Access
Date of release: 16/12/2005 Software: Cisco Clean Access/Perfigo CleanMachines http://www.cisco.com/en/US/products/ps6128/index.html Affected versions: Tested on 3.5.5, assumed all =current. Risk: Medium/High Discovered by: Alex Lanstein Background -------- Cisco Clean Access is an easily deploye...
alya.cgi
alya.cgi is a cgi backdoor distributed with multiple rootkits. SPDX-FileCopyrightText: 2002 Jason Lidow Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2005-2631
Cisco Clean Access CCA 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users...
CVE-2005-2631
Cisco Clean Access CCA 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users...
CVE-2005-2631
Concretely, CVE-2005-2631 affects Cisco Clean Access (CCA) versions 3.3.0–3.3.9, 3.4.0–3.4.5, and 3.5.0–3.5.3. The root cause is improper authentication when invoking API methods, potentially allowing remote attackers to bypass security checks, change a user’s assigned role, or disconnect users. ...
Cisco Clean Access Agent (Perfigo) bypass
Description: Cisco Clean Access is an easily deployed software solution that can automatically detect, isolate, and clean infected or vulnerable devices that attempt to access your network. It identifies whether networked devices such as laptops, personal digital assistants, even game consoles ar...
Unauthorized Cisco Clean Access virus isolation solution API access
No description provided...
Cisco Clean Access Unauthenticated API Access
...
[Full-disclosure] Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access Revision 1.0 For Public Release 2005 August 17 1600 UTC GMT +------------------------------------------------------------------------------ Contents ======== Summary Affected...
CVE-2004-2283
Removed by vendor...
CVE-2004-2283
Unknown vulnerability in DansGuardian before 2.6.1-13 allows remote attackers to bypass URL filters via a crafted request that causes a page to be added to the clean page cache...
Дырка в clean-tmps в FreeBSD
Можно удалить любые файлы в корневом каталоге...
4.3 Security: local DoS via clean-tmps
Tested in 4.3-RELEASE only: If /etc/periodic/daily/clean-tmps is enabled, then it's possible for any local user to trick it into calling unlink or rmdir on anything in the root directory. The problem is that "find -delete" can be made to do chdir".." multiple times followed by unlink and/or rmdir...
Windows Internet Explorer 9 for Windows Server 2008
Windows Internet Explorer 9 delivers web sites and applications that look and perform like native PC applications through the power of Windows. Fast: Internet Explorer 9 is all-around fast. Designed to take full advantage of your PC’s hardware through Windows, Internet Explorer 9 delivers...