EUVD-2010-0175

Malware in sbrugna...

Cross site scripting

Cross-site scripting XSS vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410...

CVE-2012-0340

Cross-site scripting XSS vulnerability in the management interface on the Cisco IronPort Encryption Appliance with software before 6.5.3 allows remote attackers to inject arbitrary web script or HTML via the header parameter to the default URI under admin/, aka bug ID 72410...

CVE-2012-0340

The CVE refers to Cisco IronPort Encryption Appliance management interface: an XSS vulnerability in the default admin/ URI, exploitable via a header parameter to inject script/HTML. Affected product/version: Cisco IronPort Encryption Appliance with software before 6.5.3. Root cause: reflective XS...

Cisco IronPort Encryption Appliance multiple security vulnerabilities

Multiple vulnerabilities in HTTPS interface...

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance Advisory ID: cisco-sa-20100210-ironport Revision 1.0 For Public Release 2010 February 10 1600 UTC GMT...

CVE-2010-0144

Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka...

Code injection

Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923...

Code injection

Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka...

CVE-2010-0143

Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPo...

CVE-2010-0143

CVE-2010-0143 affects Cisco IronPort Encryption Appliance and IronPort PostX MAP prior to versions 6.2.9.1/6.5.2 (and MAP before 6.2.9.1). The vulnerability is an unspecified information-disclosure in the embedded HTTPS server’s administrative interface, allowing remote attackers to read arbitrar...

CVE-2010-0145

Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923...

CVE-2010-0143

Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPo...

CVE-2010-0144

Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka...

CVE-2010-0144

CVE-2010-0144 : Affected Cisco IronPort Encryption Appliance/PostX MAP systems running 6.2.x before 6.2.9.1 or 6.5.x before 6.5.2 (and PostX MAP before 6.2.9.1) expose an unspecified vulnerability in the WebSafe DistributorServlet of the embedded HTTPS server that allows remote attackers to read ...

CVE-2010-0145

Cisco IronPort Encryption Appliance versions 6.2.x before 6.2.9.1, 6.5.x before 6.5.2, and IronPort PostX MAP before 6.2.9.1 are affected by CVE-2010-0145. The vulnerability is a remote code execution flaw in the embedded HTTPS server (IronPort Bug 65923) that allows an unauthenticated, remote at...

Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

Cisco IronPort Encryption Appliance devices contain two vulnerabilities that allow remote, unauthenticated access to any file on the device and one vulnerability that allows remote, unauthenticated users to execute arbitrary code with elevated privileges. There are workarounds available to mitiga...

Cusci IronPort Encryption Appliance / PostX multiple security vulnerabilities

Unauthorized access to encrypted messages, unauthorized access to administration interface...

CVE-2009-0054

PXE Encryption in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allows remote attackers to capture credentials by tricking a user...

CVE-2009-0055

Cross-site request forgery CSRF vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allo...