13 matches found
CVE-2007-5580
CVE-2007-5580 is a remote buffer overflow in Cisco Security Agent on Windows caused by a driver not validating SMB data, exploitable via crafted SMB packets over TCP ports 139 or 445. Affected CSA versions include Windows 4.5.1 (<= 4.5.1.671/672 hotfix path), 5.0 (<= 5.0.0.225), 5.1 (<= ...
CVE-2011-0364
CVE-2011-0364 affects Cisco Security Agent Management Center (CSA) – specifically the Management Console component (webagent.exe). Versions 5.1, 5.2, and 6.0 prior to 6.0.2.145 are vulnerable. The flaw arises in the web management interface when handling a crafted st_upload POST request, allowing...
CVE-2010-0147
The CVE-2010-0147 issue affects the Management Center for Cisco Security Agents. A SQL injection vulnerability exists that allows remote authenticated users to execute arbitrary SQL commands. Affected versions are Cisco Security Agent Management Center: 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0....
CVE-2007-1065
CVE-2007-1065 affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 (when a vulnerable Trust Agent is deployed), and Meetinghouse AEGIS SecureConnect Client. The issue is a local privilege escalation to SYSTEM via unspecified vectors in the 802.1...
CVE-2007-1064
The CVE-2007-1064 issue affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 (when a vulnerable Trust Agent is deployed), and the Meetinghouse AEGIS SecureConnect Client. The vulnerability arises because privileges are not dropped when invoking ...
CVE-2010-0146
CVE-2010-0146 is a directory traversal vulnerability in the Management Center for Cisco Security Agents that affects only Cisco Security Agent Release 6.0 (Management Center). Exploitation requires an authenticated user and may allow reading arbitrary files on the Management Center server...
CVE-2005-2280
CVE-2005-2280 affects Cisco Security Agent (CSA) 4.5 and allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. The available sources confirm the vulnerability is network-based with no authentication required, and no further impact details are provided in the ...
CVE-2007-1066
The CVE-2007-1066 issue affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 when a vulnerable Trust Agent is deployed, and the Meetinghouse AEGIS SecureConnect Client. The root cause is an insecure default Discretionary Access Control List (DAC...
CVE-2010-0148
Cisco Security Agent 5.2 on Linux is affected by a DoS vulnerability (CVE-2010-0148) that can trigger a kernel panic by sending a series of TCP packets. The issue is part of multiple vulnerabilities disclosed in Cisco Security Agent Management Center advisories; the DoS affects Cisco Security Age...
CVE-2004-1112
The CVE-2004-1112 entry concerns Cisco Security Agent (CSA) prior to 4.0.3 build 728. A buffer overflow trigger waits five minutes for a user response before terminating, which could let remote attackers bypass the overflow protection by issuing additional overflow attempts within the timeout. Af...
CVE-2007-1067
The CVE-2007-1067 entry affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent is deployed), and the Meetinghouse AEGIS SecureConnect Client. The underlying issue is improper parsing of commands, enabling loc...
CVE-2006-5553
Cisco Security Agent (CSA) for Linux is affected in 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as deployed with Unified CallManager (CUCM) and Unified Presence Server (CUPS). The issue allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain opt...
CVE-2007-1068
The CVE-2007-1068 entry describes a credential leakage issue where authentication credentials used by Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 (with vulnerable Trust Agent), and Meetinghouse AEGIS SecureConnect Client are stored in plaintext...