Oct
24
2011
Cisco TelePresence exploits
cisco-exploit

Cisco TelePresence is an umbrella term for Video Conferencing Hardware and Software, Infrastructure and Endpoints. The C & MXP Series are the Endpoints used on desks or in boardrooms to provide users with a termination point for Video Conferencing. 1. Post-authentication HTML Injection – CVE-2011-2544 (CSCtq46488): Cisco TelePresence Endpoints have a web interface (HTTP or HTTPS) for managing, configuring and reporting. It is possible to set the Call ID (with H.323 or SIP) to a HTML value. If a call is made to another endpoint and an authenticated user browses to the web interface on the endpoint receiving the call […]

Oct
11
2011
September 2011: fifteen Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published fifteen important vulnerability advisories: Cisco IOS Software IP Service Level Agreement Vulnerability Cisco Identity Services Engine Database Default Credentials Vulnerability Cisco IOS Software IPv6 over MPLS Vulnerabilities Cisco IOS Software IPv6 Denial of Service Vulnerability Cisco 10000 Series Denial of Service Vulnerability Cisco IOS Software Smart Install Remote Code Execution Vulnerability Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities Cisco IOS Software Data-Link Switching Vulnerability Cisco IOS Software Network Address Translation Vulnerabilities Cisco Unified Communications Manager Session Initiation Protocol Memory […]

Oct
4
2011
Wake on LAN through Internet
WOL-host

I write this tutorial to show how it is simple wakup a PC through Internet using WOL feature. What is WOL feature? Wake-on-LAN (WOL) is an Ethernet computer networking standard that allows a computer to be turned on or woken up by a network message. The message is usually sent by a program executed on another computer on the same local area network. It is also possible to initiate the message from another network by using Subnet directed broadcasts or a WOL gateway service. Wake-on-LAN is implemented using a special network message called a magic packet. The magic packet contains […]

Sep
13
2011
Cisco completes acquisition of AXIOSS Software Assets
Cisco-completes-acquisition-of-AXIOSS-Software-Assets

Cisco has completed its acquisition of service fulfillment software assets and associated employees from the UK subsidiary (formerly Axiom Systems) of Comptel Corporation (NASDAQ OMX Helsinki: CTL1V).  The acquisition gives Cisco the ability to extend network and service management technologies across its next-generation Internet Protocol (IP) network platforms, allowing service providers to quickly and efficiently launch new video, data, mobility and cloud services to their customers.

Sep
12
2011
August 2011: five Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published five important vulnerability advisories: Apache HTTPd Range Header Denial of Service Vulnerability Denial of Service Vulnerability in Cisco TelePresence Codecs Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server Cisco Unified Communications Manager Denial of Service Vulnerabilities Denial of Service Vulnerabilities in Cisco Intercompany Media Engine

Aug
5
2011
July 2011: three Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published three important vulnerability advisories: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability

Jul
7
2011
Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute exploit
cisco-exploit

The Cisco AnyConnect Secure Mobility Client, previously known as the Cisco AnyConnect VPN Client, is affected by the following vulnerabilities: Arbitrary Program Execution Vulnerability Local Privilege Escalation Vulnerability Cisco has released free software updates that address these vulnerabilities. There are no workarounds for this vulnerabilities. Below the source of the exploit (Only for test!).

Jul
6
2011
Cisco Unified Operations Manager exploits
cisco-exploit

Cisco Unified Operations Manager (CuOM) is a NMS for voice developed by Cisco Systems. Operations Manager monitors and evaluates the current status of both the IP communications infrastructure and the underlying transport infrastructure in your network. Multiple vulnerabilities have been identified in Cisco Unified Operations Manager and associated products. These vulnerabilities include: multiple blind SQL injections multiple XSS directory traversal vulnerability

Jul
5
2011
Cisco Security Agent Management Console ‘st_upload’ RCE Exploit
cisco-exploit

Cisco Security Agent provides threat protection for server and desktop computing systems. Cisco Security Agent can function in a standalone manner or can be managed by the Management Center for Cisco Security Agent. The Management Center for Cisco Security Agent is affected by a vulnerability that could allow an unauthenticated attacker to perform remote code execution on the affected device. A successful exploit could allow the attacker to modify agent policies and system configuration and perform other administrative tasks. Note: This vulnerability can be exploited only by sending certain packets to the web management interface, which by default listens on […]

Jul
4
2011
June 2011: four Cisco vulnerabilities
Cisco-vulnerabilities

The Cisco Product Security Incident Response Team (PSIRT) has published four important vulnerability advisories: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client Multiple Vulnerabilities in Cisco Unified IP Phones 7900 Series Default Credentials Vulnerability in Cisco Network Registrar Default Credentials for root Account on the Cisco Media Experience Engine 5600

Pages:«1...78910111213...27»