10 matches found
Cisco Confirms Critical Firewall Software Bug Is Under Attack
Attackers are trying to exploit a critical vulnerability in Cisco’s Adaptive Security Appliance firewall software, the company has confirmed. Cisco has updated its advisory for the vulnerability, which was first revealed on Jan. 29 and has been logged as CVE-2018-0101, on Feb. 7. “The Cisco Produ...
Cisco ASA Crash Proof Of Concept
Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect VPN Agent...
Cisco ASA - Crash PoC Exploit
Exploit for hardware platform in category dos / poc Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers =...
Cisco ASA - Crash (PoC)
Cisco ASA - Crash PoC Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect...
Beers with Talos EP 22: Forget the ASA, Rob Joyce Favorited Craig’s Tweet
Beers with Talos BWT Podcast Episode 22 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP22 Show Notes: Recorded 2/2/18 - Guests two EPs in a row! We are joined by Omar Santos from Cisco PSI...
Cisco Firepower Threat Defense (FTD) Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1)
According to its version, the Cisco Firepower Threat Defense FTD software installed on the remote host is affected by a vulnerability in the XML parser that can allow a remote, unauthenticated attacker to execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description...
Cisco Adaptive Security Appliance Remote Code Execution (CVE-2018-0101)
A Remote Code Execution vulnerability exists in Cisco Adaptive Security Appliance software. The vulnerability is due to a failure on part of Internet Key Exchange code to handle UDP requests. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted UDP requests to a...
Cisco Patches Critical VPN Vulnerability
Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on...
Cisco ASA Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1)
According to its self-reported version the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by a denial of service vulnerability which could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. TRUST...
CVE-2018-0101
CVE-2018-0101 concerns Cisco ASA webvpn: a double-free in the webvpn component can allow an unauthenticated remote attacker to trigger a reload or execute arbitrary code by sending crafted XML packets to a webvpn-configured interface. Public PoCs and PoC sources exist (exploit-db, GitHub), illust...