Lucene search
K
CiscoSecurity Agent

13 matches found

CVE
CVE
added 2007/12/15 1:0 a.m.72 views

CVE-2007-5580

CVE-2007-5580 is a remote buffer overflow in Cisco Security Agent on Windows caused by a driver not validating SMB data, exploitable via crafted SMB packets over TCP ports 139 or 445. Affected CSA versions include Windows 4.5.1 (<= 4.5.1.671/672 hotfix path), 5.0 (<= 5.0.0.225), 5.1 (<= ...

10CVSS7.7AI score0.0643EPSS
CVE
CVE
added 2011/02/18 11:0 p.m.60 views

CVE-2011-0364

CVE-2011-0364 affects Cisco Security Agent Management Center (CSA) – specifically the Management Console component (webagent.exe). Versions 5.1, 5.2, and 6.0 prior to 6.0.2.145 are vulnerable. The flaw arises in the web management interface when handling a crafted st_upload POST request, allowing...

10CVSS7.5AI score0.19617EPSS
CVE
CVE
added 2010/02/23 8:0 p.m.57 views

CVE-2010-0147

The CVE-2010-0147 issue affects the Management Center for Cisco Security Agents. A SQL injection vulnerability exists that allows remote authenticated users to execute arbitrary SQL commands. Affected versions are Cisco Security Agent Management Center: 5.1 prior to 5.1.0.117, 5.2 prior to 5.2.0....

6.5CVSS8.1AI score0.01614EPSS
CVE
CVE
added 2007/02/22 1:0 a.m.55 views

CVE-2007-1065

CVE-2007-1065 affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 (when a vulnerable Trust Agent is deployed), and Meetinghouse AEGIS SecureConnect Client. The issue is a local privilege escalation to SYSTEM via unspecified vectors in the 802.1...

6.8CVSS6.5AI score0.00298EPSS
CVE
CVE
added 2007/02/22 1:0 a.m.53 views

CVE-2007-1064

The CVE-2007-1064 issue affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 (when a vulnerable Trust Agent is deployed), and the Meetinghouse AEGIS SecureConnect Client. The vulnerability arises because privileges are not dropped when invoking ...

6.8CVSS6.4AI score0.00298EPSS
CVE
CVE
added 2010/02/23 8:0 p.m.53 views

CVE-2010-0146

CVE-2010-0146 refers to a directory traversal vulnerability in the Management Center for Cisco Security Agents, affected only for Cisco Security Agent Release 6.0 (Management Center). Exploitation requires an authenticated user and may allow reading arbitrary files on the Management Center server...

6.8CVSS6.3AI score0.02731EPSS
CVE
CVE
added 2005/07/17 4:0 a.m.52 views

CVE-2005-2280

CVE-2005-2280 affects Cisco Security Agent (CSA) 4.5 and allows remote attackers to cause a denial of service (system crash) via a crafted IP packet. The available sources confirm the vulnerability is network‑based with no authentication required and no further impact details are provided in the ...

5CVSS6.9AI score0.01259EPSS
CVE
CVE
added 2007/02/22 1:0 a.m.50 views

CVE-2007-1066

The CVE-2007-1066 issue affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 when a vulnerable Trust Agent is deployed, and the Meetinghouse AEGIS SecureConnect Client. The root cause is an insecure default Discretionary Access Control List (DAC...

6.8CVSS6.5AI score0.00298EPSS
CVE
CVE
added 2010/02/23 8:0 p.m.50 views

CVE-2010-0148

Cisco Security Agent 5.2 on Linux is affected by a DoS vulnerability (CVE-2010-0148) that can trigger a kernel panic by sending a series of TCP packets. The issue is part of multiple vulnerabilities disclosed in Cisco Security Agent Management Center advisories; the DoS affects Cisco Security Age...

7.8CVSS6.6AI score0.02971EPSS
CVE
CVE
added 2004/12/01 5:0 a.m.49 views

CVE-2004-1112

The CVE-2004-1112 entry concerns Cisco Security Agent (CSA) prior to 4.0.3 build 728. A buffer overflow trigger waits five minutes for a user response before terminating, which could let remote attackers bypass the overflow protection by issuing additional overflow attempts within the timeout. Af...

5.1CVSS7.5AI score0.01503EPSS
CVE
CVE
added 2007/02/22 1:0 a.m.49 views

CVE-2007-1067

The CVE-2007-1067 entry affects Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent is deployed), and the Meetinghouse AEGIS SecureConnect Client. The underlying issue is improper parsing of commands, enabling loc...

7.2CVSS6.6AI score0.00333EPSS
CVE
CVE
added 2006/10/26 5:0 p.m.45 views

CVE-2006-5553

Cisco Security Agent (CSA) for Linux is affected in 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as deployed with Unified CallManager (CUCM) and Unified Presence Server (CUPS). The issue allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain opt...

7.8CVSS6.7AI score0.03065EPSS
CVE
CVE
added 2007/02/22 1:0 a.m.42 views

CVE-2007-1068

The CVE-2007-1068 entry describes a credential leakage issue where authentication credentials used by Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x/2.x, Cisco Security Agent (CSA) 5.0/5.1 (with vulnerable Trust Agent), and Meetinghouse AEGIS SecureConnect Client are stored in plaintext...

7.2CVSS5.9AI score0.00351EPSS