Lucene search
K

10 matches found

ThreatPost
ThreatPost
added 2018/02/09 1:6 p.m.76 views

Cisco Confirms Critical Firewall Software Bug Is Under Attack

Attackers are trying to exploit a critical vulnerability in Cisco’s Adaptive Security Appliance firewall software, the company has confirmed. Cisco has updated its advisory for the vulnerability, which was first revealed on Jan. 29 and has been logged as CVE-2018-0101, on Feb. 7. “The Cisco Produ...

10CVSS1.9AI score0.95707EPSS
Exploits22References4
Packet Storm
Packet Storm
added 2018/02/07 12:0 a.m.344 views

Cisco ASA Crash Proof Of Concept

Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect VPN Agent...

9.2AI score0.87397EPSS
Exploits7
0day.today
0day.today
added 2018/02/07 12:0 a.m.215 views

Cisco ASA - Crash PoC Exploit

Exploit for hardware platform in category dos / poc Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers =...

10CVSS0.87397EPSS
Exploits7
exploitpack
exploitpack
added 2018/02/07 12:0 a.m.57 views

Cisco ASA - Crash (PoC)

Cisco ASA - Crash PoC Cisco ASA CVE-2018-0101 Crash PoC We basically just read: https://www.nccgroup.trust/globalassets/newsroom/uk/events/2018/02/reconbrx2018-robin-hood-vs-cisco-asa.pdf @zerosum0x0, @jennamagius, @alephnaught import requests, sys headers = headers'User-Agent' = 'Open AnyConnect...

10CVSS0.1AI score0.87397EPSS
Exploits7
Talos Blog
Talos Blog
added 2018/02/06 11:15 a.m.114 views

Beers with Talos EP 22: Forget the ASA, Rob Joyce Favorited Craig’s Tweet

Beers with Talos BWT Podcast Episode 22 is now available. Download this episode and subscribe to Beers with Talos: If iTunes and Google Play aren't your thing: www.talosintelligence.com/podcast EP22 Show Notes: Recorded 2/2/18 - Guests two EPs in a row! We are joined by Omar Santos from Cisco PSI...

10CVSS9.5AI score0.87397EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2018/02/06 12:0 a.m.105 views

Cisco Firepower Threat Defense (FTD) Adaptive Security Appliance Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1)

According to its version, the Cisco Firepower Threat Defense FTD software installed on the remote host is affected by a vulnerability in the XML parser that can allow a remote, unauthenticated attacker to execute arbitrary code. C Tenable Network Security, Inc. include"compat.inc"; if description...

10CVSS8.8AI score0.87397EPSS
Exploits7References6
Check Point Advisories
Check Point Advisories
added 2018/02/01 12:0 a.m.11 views

Cisco Adaptive Security Appliance Remote Code Execution (CVE-2018-0101)

A Remote Code Execution vulnerability exists in Cisco Adaptive Security Appliance software. The vulnerability is due to a failure on part of Internet Key Exchange code to handle UDP requests. A remote, unauthenticated attacker could exploit this vulnerability by sending crafted UDP requests to a...

10CVSS3.6AI score0.87397EPSS
Exploits7
ThreatPost
ThreatPost
added 2018/01/30 11:6 a.m.36 views

Cisco Patches Critical VPN Vulnerability

Cisco Systems released a patch Monday to fix a critical security vulnerability in its Secure Sockets Layer VPN solution called Adaptive Security Appliance. The vulnerability, according to a Cisco Security Advisory, could allow an unauthenticated and remote attacker to execute remote code on...

10CVSS0.5AI score0.87397EPSS
Exploits7References9
Tenable Nessus
Tenable Nessus
added 2018/01/30 12:0 a.m.181 views

Cisco ASA Remote Code Execution and Denial of Service Vulnerability (cisco-sa-20180129-asa1)

According to its self-reported version the Cisco Adaptive Security Appliance ASA software running on the remote device is affected by a denial of service vulnerability which could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. TRUST...

10CVSS8.3AI score0.87397EPSS
Exploits7References2
CVE
CVE
added 2018/01/29 8:0 p.m.364 views

CVE-2018-0101

CVE-2018-0101 concerns Cisco ASA webvpn: a double-free in the webvpn component can allow an unauthenticated remote attacker to trigger a reload or execute arbitrary code by sending crafted XML packets to a webvpn-configured interface. Public PoCs and PoC sources exist (exploit-db, GitHub), illust...

10CVSS9.6AI score0.87397EPSS
Exploits7References6Affected Software1
Rows per page
Query Builder