Entries Tagged ‘Remote Control’

February 2010: four new Cisco vulnerabilities

Feb.25, 2010 in Security Advisory Leave a Comment

Recently, the The Cisco Product Security Incident Response Team (PSIRT) has published four important vulnerability advisories.
Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances
Cisco ASA 5500 Series Adaptive Security Appliances are affected by the following vulnerabilities:

TCP Connection Exhaustion Denial of Service Vulnerability
Session Initiation Protocol (SIP) Inspection Denial of Service Vulnerabilities
Skinny Client Control Protocol (SCCP) [...]

Tags: , ,

3 new Cisco critical vulnerabilities

Feb.03, 2010 in Security Advisory Leave a Comment

Recently, the The Cisco Product Security Incident Response Team (PSIRT) has published three important vulnerability advisories.
Multiple Vulnerabilities in Cisco Unified MeetingPlace
Multiple vulnerabilities exist in Cisco Unified MeetingPlace. This security advisory outlines the details of these vulnerabilities:

Insufficient validation of SQL commands
Unauthorized account creation
User and password enumeration in Cisco MeetingTime
Privilege escalation in Cisco MeetingTime

Tags: , ,

Multiple Cisco WebEx WRF Player Vulnerabilities

Jan.05, 2010 in Security Advisory Leave a Comment

The The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory:  Multiple Cisco WebEx WRF Player Vulnerabilities.
Multiple buffer overflow vulnerabilities exist in the Cisco WebEx Recording Format (WRF) Player. In some cases, exploitation of the vulnerabilities could allow a remote attacker to execute arbitrary code on the system of a targeted [...]

Tags: , ,

Sep.23, 2009: 11 new Cisco critical vulnerabilities!!

Sep.25, 2009 in Security Advisory Leave a Comment

On September 23, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 11 important vulnerability advisories.
Cisco Unified Communications Manager Express Vulnerability
Cisco IOS® devices that are configured for Cisco Unified Communications Manager Express (CME) and the Extension Mobility feature are vulnerable to a buffer overflow vulnerability. Successful exploitation of this vulnerability may result [...]

Tags: ,

Jul.29, 2009: 2 new Cisco critical vulnerabilities

Aug.13, 2009 in Security Advisory Leave a Comment

On July 29, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 2 new vulnerability advisories.
1) Active Template Library (ATL) Vulnerability
Certain Cisco products that use Microsoft Active Template Libraries (ATL) and headers may be vulnerable to remote code execution. In some instances, the vulnerability may be exploited against Microsoft Internet Explorer to [...]

Tags: ,

Jun.24, 2009: 2 new Cisco critical vulnerabilities

Jun.25, 2009 in Security Advisory Leave a Comment

On June 24, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 2 new vulnerability advisories.
1) Cisco Physical Access Gateway Denial of Service Vulnerability
A denial of service (DoS) vulnerability exists in the Cisco Physical Access Gateway. There are no workarounds available to mitigate the vulnerability. This vulnerability has been corrected in Cisco [...]

Tags: , ,

CiscoWorks TFTP Directory Traversal Vulnerability

May.25, 2009 in Security Advisory Leave a Comment

CiscoWorks Common Services contains a vulnerability that could allow an unauthenticated remote attacker to access application and host operating system files.
Cisco has released free software updates that address this vulnerability. A workaround that mitigates this vulnerability is available.
Vulnerable Products
Products that have TFTP services enabled and that run CiscoWorks Common Services versions 3.0.x, 3.1.x, and 3.2.x [...]

Tags: ,

Cisco ASA WebVPN Cross Site Scripting Vulnerability

Apr.26, 2009 in Exploit, Security Advisory Leave a Comment

Cisco ASA is prone to a cross-site scripting vulnerability.
An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site and to steal cookie-based authentication credentials.
Cisco ASA software versions 8.0.4(2B) and prior running on ASA 5500 Series Adaptive Security Appliances are vulnerable.

Tags: ,

Multiple Vulnerabilities in Cisco ASA / PIX security

Apr.13, 2009 in Exploit, Security Advisory Leave a Comment

Multiple vulnerabilities exist in the Cisco ASA 5500 Series Adaptive Security Appliances and Cisco PIX Security Appliances.
Vulnerable Products
The following is a list of the products affected by each vulnerability as described in detail within this advisory.
VPN Authentication Bypass Vulnerability
Cisco ASA or Cisco PIX security appliances that are configured for IPsec or SSL-based remote access VPN [...]

Tags: ,

Mar.25, 2009?! 8 new Cisco vulnerability advisories!

Mar.27, 2009 in Security Advisory Leave a Comment

On March 25, 2009, the The Cisco Product Security Incident Response Team (PSIRT) has published 8 new vulnerability advisories. Mainly these vulnerabilities are DOS attack.
 
1) Cisco IOS cTCP Denial of Service Vulnerability
A series of TCP packets may cause a denial of service (DoS) condition on Cisco IOS devices that are configured as Easy VPN servers [...]

Tags: , ,