29 matches found
Cisco Mars Cross-Site Scripting Vulnerability - CVE-2013-5563
Vulnerability Type: Cross-Site Scripting CVE: CVE-2013-5563 Products and affected versions: Cisco Security Monitoring, Analysis and Response System CS-MARS - All versions Vendor Website: http://www.cisco.com/en/US/products/ps6241/ Cisco Advisory: https://tools.cisco.com/bugsearch/bug/CSCul16173...
Cross site scripting
Cross-site scripting XSS vulnerability in Query/NewQueryResult.jsp in Cisco Security Monitoring, Analysis and Response System CS-MARS allows remote attackers to inject arbitrary web script or HTML via the isnowLatency parameter, aka Bug ID CSCul16173...
CVE-2009-2977
The Cisco Security Monitoring, Analysis and Response System CS-MARS 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace. files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files...
CVE-2009-2977
The CVE-2009-2977 entry concerns Cisco CS-MARS (Security Monitoring, Analysis and Response System) 6.0.4 and earlier. The underlying issue is that cleartext passwords are stored in log files (log/sysbacktrace.## files) inside error-logs.tar.gz archives, which could let context-dependent attackers...
FreeBSD Security Advisory (FreeBSD-SA-06:12.opie.asc)
The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-06:12.opie.asc ADV FreeBSD-SA-06:12.opie.asc OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft In...
CVE-2007-0397
The Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.3 and Adaptive Security Device Manager ASDM before 5.22.54 do not validate the SSL/TLS certificates or SSH public keys when connecting to devices, which allows remote attackers to spoof those devices to obtain sensitiv...
Multiple Cisco Security Monitoring, Analysis and Response System security vulnerabilities
Default preconfigured Oracle databse account, JBoss code execution, multiple administrative interface code executions...
CVE-2006-3734
Multiple unspecified vulnerabilities in the Command Line Interface CLI for Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root...
Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS)
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...