cisco

152 items tagged "cisco"

Related tags: session initiation protocol [+], regular expressions [+], protocol sip [+], directory traversal [+], ctm [+], cisco template [+], service [+], txt [+], service vulnerability [+], series [+], security [+], media [+], communications [+], cisco unified [+], cisco telepresence [+], cisco security [+], advisory [+], talk [+], set [+], digital [+], cisco warns [+], bypass [+], bugtraq [+], web management [+], videoconferencing [+], unified communications [+], tom cross [+], tar gz [+], tar [+], security perspective [+], operations manager [+], operations [+], ios [+], intercept technology [+], intercept [+], escalation [+], day [+], core architecture [+], content [+], code execution [+], cisco security advisory [+], cisco linksys [+], asa [+], arbitrary code execution [+], wrt [+], whitepaper [+], web [+], usa [+], switches [+], srp [+], site [+], shellcodes [+], server [+], security appliances [+], secure [+], root filesystem [+], privilege escalation vulnerability [+], port 8080 [+], ngs [+], newsroom [+], mobility [+], manager xss [+], management interface [+], linksys wrt54g [+], information disclosure vulnerability [+], guarding [+], gateway [+], g broadband [+], flaw [+], execution [+], directory [+], cve [+], cross [+], credentials [+], com [+], cisco small [+], cisco router [+], cisco event [+], business [+], black hat [+], backdoors [+], advertisement [+], adaptive security [+], webapps [+], web server module [+], web conference [+], warranty [+], vpn concentrator [+], vpn [+], translation [+], tracer [+], tcp packet [+], sql injection [+], rsa [+], remote [+], protocol [+], phone [+], notification [+], nexus [+], network address translation [+], network [+], meetingplace [+], manager sccp [+], manager denial [+], management [+], linksys [+], injection [+], implementation group [+], hackers [+], groupname [+], free software updates [+], firewall [+], exploits [+], evil [+], enumeration [+], emc smarts [+], dll [+], discs [+], desktop [+], cucmsip [+], cucm [+], csrf [+], content services [+], conference [+], concentrator [+], communications manager [+], common services [+], common [+], command [+], client [+], ciscoworks [+], cisco wag [+], cisco vpn [+], cisco patches [+], cisco packet tracer [+], cisco packet [+], cisco nexus [+], cisco ipsec [+], cisco css [+], cisco anyconnect [+], bypassing [+], buffer overflow vulnerability [+], appliances [+], address [+], ace [+], a cisco ios [+], vulnerability [+], xss [+], wrvs [+], wrv [+], wrf [+], wireless lan [+], windows [+], wag [+], vpn implementation [+], vpn client [+], vipr [+], videoconferencing products [+], video [+], type [+], turn [+], trial [+], tls [+], threat intelligence [+], threat [+], tftp server [+], temporary file [+], technical [+], target [+], switch focus [+], switch [+], surveillance network [+], surrender control [+], stealing [+], sql [+], spoofing [+], software security [+], softswitch [+], sms text message [+], slides [+], sip [+], security vulnerabilities [+], security researchers [+], security flaws [+], security agent [+], security advisories [+], secure desktop [+], section [+], scraps [+], rvs [+], router [+], retired [+], researchers [+], reputation [+], remote security [+], recording [+], policy security [+], poc [+], player [+], phishers [+], pgw [+], perspective [+], penetration [+], pdf [+], pc. [+], patches [+], patch [+], password [+], packet [+], nx os [+], number [+], null pointer [+], nsense [+], mpls [+], media experience [+], mac [+], loginpage [+], local [+], link [+], lan controller [+], lan [+], jonathan rosenberg [+], jhtml [+], javascript [+], japan [+], ironport [+], ipv [+], intelligence [+], identity [+], http [+], host device [+], hijacking [+], highly [+], here [+], hacker [+], gateway service [+], forgery [+], focus [+], flaws [+], experience engine [+], experience [+], engine database [+], engine [+], endpoint [+], down [+], dos vulnerability [+], dos [+], disaster [+], denial of service dos [+], denial [+], demo cisco wi [+], demo [+], cvp hackersperspective [+], css [+], critical systems [+], critical [+], creation vulnerability [+], control [+], contact center [+], contact [+], collaboration server [+], code [+], client privilege [+], cisco webex [+], cisco voip [+], cisco to [+], cisco tftp [+], cisco shoots [+], cisco secure [+], cisco rvs [+], cisco reconfigures [+], cisco phones [+], cisco pgw [+], cisco ime [+], cisco fixes [+], cisco dpc [+], cisco collaboration [+], cisco bugs [+], building [+], bugging devices [+], biannual [+], authors [+], authentication [+], audio [+], apple server [+], and [+], agent software [+], activex [+], access control [+], Wireless [+], Software [+], IPv6 [+], unified [+], safer use [+], vulnerabilities [+], denial of service [+], manager [+], cisco ios [+], multiple [+], cisco unified communications manager [+]

May 14, 2012
0:00
Vuln: Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities
Tags: address network translation cisco-ios network-address-translation denial-of-service cisco

April 23, 2012
11:39
Newsroom.cisco.com Cross Site Scripting
» ‎ Packet Storm Security Exploits

Newsroom.cisco.com suffers from a cross site scripting vulnerability. The author tried to reach Cisco and did not get a response.
Tags: newsroom cisco com vulnerability

11:39
Newsroom.cisco.com Cross Site Scripting
» ‎ Packet Storm Security Recent Files

Newsroom.cisco.com suffers from a cross site scripting vulnerability. The author tried to reach Cisco and did not get a response.
Tags: newsroom cisco com vulnerability

11:39
Newsroom.cisco.com Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

Newsroom.cisco.com suffers from a cross site scripting vulnerability. The author tried to reach Cisco and did not get a response.
Tags: newsroom cisco com vulnerability

February 27, 2012
22:53
RSA: Cisco To Push Threat Intelligence To All Devices
» ‎ Packet Storm Security Headlines

RSA: Cisco To Push Threat Intelligence To All Devices
Tags: threat rsa intelligence cisco-to threat-intelligence cisco

February 23, 2012
21:42
Cisco Security Advisory 20120223-srp500
» ‎ Packet Storm Security Advisories

Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.
Tags: srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco

21:42
Cisco Security Advisory 20120223-srp500
» ‎ Packet Storm Security Recent Files

Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.
Tags: srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco

21:42
Cisco Security Advisory 20120223-srp500
» ‎ Packet Storm Security Misc. Files

Cisco Security Advisory - Cisco Small Business (SRP 500) Series Services Ready Platforms contains command injection, unauthenticated configuration upload, and directory traversal vulnerabilities.
Tags: srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco

February 21, 2012
14:00
[webapps / 0day] - Cisco Linksys WAG54GS CSRF Change Admin Password
» ‎ 1337day (was: Inj3ct0r, 1337db)

[webapps / 0day] - Cisco Linksys WAG54GS CSRF Change Admin Password
Tags: wag day webapps cisco-linksys cisco

February 15, 2012
19:35
Cisco Security Advisory 20120215-nxos
» ‎ Packet Storm Security Misc. Files

Cisco Security Advisory - Cisco NX-OS Software is affected by a denial of service (DoS) vulnerability that could cause Cisco Nexus 1000v, 5000, and 7000 Series Switches that are running affected versions of Cisco NX-OS Software to reload when the IP stack processes a malformed IP packet. Cisco has released free software updates that address this vulnerability.
Tags: packet cisco Software cisco-security-advisory free-software-updates dos-vulnerability

January 18, 2012
0:00
Vuln: Cisco Digital Media Manager (CVE-2012-0329) Remote Privilege Escalation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Digital Media Manager (CVE-2012-0329) Remote Privilege Escalation Vulnerability
Tags: digital cisco media privilege-escalation-vulnerability escalation

January 11, 2012
15:54
Cisco Unified Service Monitor brstart add_dm Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified Service Monitor due to bundled EMC SMARTS application server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: unified cisco service emc-smarts code-execution safer-use
15:49
Cisco Unified Service Monitor brstart sm_read_string_length Code Execution Vulnerability
» ‎ SecuriTeam

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified Service Monitor due to bundled EMC SMARTS application server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: unified cisco service emc-smarts code-execution safer-use

January 09, 2012
14:24
Cisco Template Manager 0.3.2
» ‎ Packet Storm Security Recent Files

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: ctm set manager cisco-template cisco regular-expressions

14:24
Cisco Template Manager 0.3.2
» ‎ Packet Storm Security Tools

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: ctm set manager cisco-template cisco regular-expressions

14:24
Cisco Template Manager 0.3.2
» ‎ Packet Storm Security Misc. Files

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: ctm set manager cisco-template cisco regular-expressions

December 08, 2011
8:00
Bugtraq: ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability
Tags: type player wrf cisco-webex code-execution vulnerability cisco
November 08, 2011
9:01
Bugtraq: Cisco CUCM - Multiple Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco CUCM - Multiple Vulnerabilities
Tags: vulnerabilities cisco

November 02, 2011
15:49
Cisco AnyConnect Secure Mobility Client Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple vulnerabilities were discovered in Cisco AnyConnect Secure Mobility Client.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: safer-use cisco penetration

October 28, 2011
0:00
Vuln: Cisco Nexus OS 'section' and 'less' Local Command Injection Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco Nexus OS 'section' and 'less' Local Command Injection Vulnerabilities
Tags: section local command cisco-nexus nexus cisco

October 27, 2011
7:46
Cisco Unified Contact Center Express Directory Traversal
» ‎ Packet Storm Security Advisories

The default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.
Tags: directory unified cisco root-filesystem port-8080 directory-traversal

7:46
Cisco Unified Contact Center Express Directory Traversal
» ‎ Packet Storm Security Recent Files

The default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.
Tags: directory unified cisco root-filesystem port-8080 directory-traversal

7:46
Cisco Unified Contact Center Express Directory Traversal
» ‎ Packet Storm Security Misc. Files

The default deployment of Cisco Unified Contact Center Express (UCCX) system is configured with multiple listening services. The web service that is listening on TCP port 9080, or on TCP port 8080 in versions prior to 8.0(x), serves a directory which is configured in a way that allows for a remote unauthenticated attacker to retrieve arbitrary files from the UCCX root filesystem through a directory traversal attack. It is possible for an attacker to use this vector to gain console access to the vulnerable node as the 'ccxcluster' user, and subsequently escalate privileges.
Tags: directory unified cisco root-filesystem port-8080 directory-traversal

7:34
Cisco Warns Of Remote Code Flaw In Security Agent Software
» ‎ Packet Storm Security Headlines

Cisco Warns Of Remote Code Flaw In Security Agent Software
Tags: code remote flaw cisco-warns security-agent agent-software cisco

October 24, 2011
17:59
Cisco Media Experience Engine 5600 Default Credentials Vulnerability
» ‎ SecuriTeam

A Default credentials vulnerability was identified in Cisco Media Experience Engine 5600.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: cisco media experience experience-engine safer-use media-experience

11:04
Bugtraq: [CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues.
» ‎ SecurityFocus Vulnerabilities

[CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues.
Tags: injection nx-os command cisco-nexus cve nexus cisco
October 11, 2011
0:00
Vuln: Cisco IOS Smart Install Remote Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco IOS Smart Install Remote Code Execution Vulnerability
Tags: code-execution vulnerability cisco
October 03, 2011
0:00
Vuln: Cisco Identity Services Engine Database Default Credentials Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Identity Services Engine Database Default Credentials Security Bypass Vulnerability
Tags: engine cisco identity engine-database vulnerability credentials
0:00
Vuln: Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco IOS Network Address Translation Multiple Denial of Service Vulnerabilities
Tags: address network translation cisco-ios network-address-translation denial-of-service cisco
September 29, 2011
0:00
Vuln: Cisco IOS IPv6 over MPLS Multiple Denial of Service Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco IOS IPv6 over MPLS Multiple Denial of Service Vulnerabilities
Tags: multiple ipv mpls cisco-ios denial-of-service IPv6 cisco
September 26, 2011
0:00
Vuln: Cisco IOS Data-Link Switching CVE-2011-1625 Remote Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco IOS Data-Link Switching CVE-2011-1625 Remote Denial of Service Vulnerability
Tags: cisco ios link cisco-ios service-vulnerability denial-of-service
September 19, 2011
8:00
Bugtraq: Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
» ‎ SecurityFocus Vulnerabilities

Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Tags: cisco-telepresence vulnerabilities cisco

September 18, 2011
21:00
[webapps / 0day] - Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
» ‎ 1337day (was: Inj3ct0r, 1337db)

[webapps / 0day] - Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Tags: vulnerabilities multiple day cisco-telepresence cisco
14:00
[webapps / 0day] - Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
» ‎ 1337day (was: Inj3ct0r, 1337db)

[webapps / 0day] - Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
Tags: vulnerabilities multiple day cisco-telepresence cisco

August 17, 2011
17:09
Cisco Unified Communications Manager Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple vulnerabilities were discovered in Cisco Unified Communications Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: unified cisco communications safer-use unified-communications communications-manager

August 05, 2011
8:51
Cisco Warns Of Warranty Discs Over Evil
» ‎ Packet Storm Security Headlines

Cisco Warns Of Warranty Discs Over Evil
Tags: warranty discs evil cisco-warns cisco
8:51
Cisco Warns Of Warranty Discs Of Evil
» ‎ Packet Storm Security Headlines

Cisco Warns Of Warranty Discs Of Evil
Tags: warranty discs evil cisco-warns cisco

July 27, 2011
0:00
Vuln: Cisco SA 500 Series Appliances Web Management Interface Remote Command Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco SA 500 Series Appliances Web Management Interface Remote Command Injection Vulnerability
Tags: appliances series cisco management-interface web-management vulnerability
0:00
Vuln: Cisco SA 500 Series Appliances Web Management Interface (CVE-2011-2546) SQL Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco SA 500 Series Appliances Web Management Interface (CVE-2011-2546) SQL Injection Vulnerability
Tags: appliances series cisco management-interface web-management vulnerability
July 07, 2011
0:00
Vuln: Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
Tags: arbitrary-code-execution vulnerability cisco

July 05, 2011
17:42
Cisco Drives Epic Chinese Surveillance Network, Says Report
» ‎ Packet Storm Security Headlines

Cisco Drives Epic Chinese Surveillance Network, Says Report
Tags: surveillance-network cisco
July 01, 2011
20:33
Phishers Switch Focus To Targeted Attacks, Warns Cisco
» ‎ Packet Storm Security Headlines

Phishers Switch Focus To Targeted Attacks, Warns Cisco
Tags: phishers focus switch switch-focus cisco

June 26, 2011
14:59
Cisco TelePresence Recording Server Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple vulnerabilities exist within the Cisco TelePresence Recording Server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: recording server multiple cisco-telepresence safer-use cisco
14:54
Cisco TelePresence Manager Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple vulnerabilities exist in the Cisco TelePresence Manager.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: vulnerabilities multiple manager cisco-telepresence safer-use cisco
June 21, 2011
20:49
Cisco TelePresence Endpoint Devices Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple vulnerabilities exist in the Cisco TelePresence solution.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: vulnerabilities endpoint multiple cisco-telepresence safer-use cisco
20:49
Cisco ASA 5500 Series Adaptive Security Appliance Multiple Vulnerabilities
» ‎ SecuriTeam

Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple vulnerabilities.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: series asa cisco adaptive-security security-appliances safer-use

June 17, 2011
0:00
Vuln: Cisco RVS4000/WRVS4400N Web Management Interface Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco RVS4000/WRVS4400N Web Management Interface Information Disclosure Vulnerability
Tags: management rvs cisco information-disclosure-vulnerability management-interface web-management
0:00
Vuln: Cisco RVS4000 and WRVS4400N Web Management Private/Public Key's Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco RVS4000 and WRVS4400N Web Management Private/Public Key's Information Disclosure Vulnerability
Tags: web management wrvs cisco-rvs information-disclosure-vulnerability web-management cisco
June 07, 2011
0:00
Vuln: Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
Tags: secure mobility execution cisco arbitrary-code-execution vulnerability

June 06, 2011
21:00
[remote exploits] - Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - Cisco AnyConnect VPN Client ActiveX URL Property Download and Execute
Tags: client activex vpn cisco-anyconnect vpn-client exploits cisco

June 03, 2011
0:00
Vuln: Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
Tags: secure mobility execution cisco arbitrary-code-execution vulnerability
June 02, 2011
0:00
Vuln: Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability
Tags: secure mobility execution cisco arbitrary-code-execution vulnerability

May 25, 2011
19:09
Cisco Fixes Five Security Flaws In Router And IOS Lines
» ‎ Packet Storm Security Headlines

Cisco Fixes Five Security Flaws In Router And IOS Lines
Tags: router ios security cisco-fixes security-flaws cisco

May 23, 2011
7:22
Cisco Router Advertisement Guarding Bypass
» ‎ Packet Storm Security Advisories

Cisco switches that support the Router Advertisement Guarding feature suffer from a bypass vulnerability.
Tags: guarding bypass advertisement cisco-router vulnerability cisco switches

7:22
Cisco Router Advertisement Guarding Bypass
» ‎ Packet Storm Security Recent Files

Cisco switches that support the Router Advertisement Guarding feature suffer from a bypass vulnerability.
Tags: guarding bypass advertisement cisco-router vulnerability cisco switches

7:22
Cisco Router Advertisement Guarding Bypass
» ‎ Packet Storm Security Misc. Files

Cisco switches that support the Router Advertisement Guarding feature suffer from a bypass vulnerability.
Tags: guarding bypass advertisement cisco-router vulnerability cisco switches

May 18, 2011
7:17
Cisco Unified Operations Manager XSS / SQL Injection / Directory Traversal
» ‎ Packet Storm Security Exploits

Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected.
Tags: unified cisco operations manager-xss directory-traversal operations-manager vulnerabilities

7:17
Cisco Unified Operations Manager XSS / SQL Injection / Directory Traversal
» ‎ Packet Storm Security Recent Files

Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected.
Tags: unified cisco operations manager-xss directory-traversal operations-manager vulnerabilities

7:17
Cisco Unified Operations Manager XSS / SQL Injection / Directory Traversal
» ‎ Packet Storm Security Misc. Files

Cisco Unified Operations Manager suffers from cross site scripting, remote SQL injection, and directory traversal vulnerabilities. Versions 8.0 and 8.5 are affected.
Tags: unified cisco operations manager-xss directory-traversal operations-manager vulnerabilities

May 17, 2011
21:00
[remote exploits] - Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
» ‎ 1337day (was: Inj3ct0r, 1337db)

[remote exploits] - Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006
Tags: unified cisco operations operations-manager vulnerabilities exploits

18:51
Cisco Shoots Down Talk Of Phone Flaws
» ‎ Packet Storm Security Headlines

Cisco Shoots Down Talk Of Phone Flaws
Tags: talk phone down cisco-shoots cisco
May 13, 2011
18:54
Hackers Turn Cisco Phones Into Remote Bugging Devices
» ‎ Packet Storm Security Headlines

Hackers Turn Cisco Phones Into Remote Bugging Devices
Tags: hackers remote turn cisco-phones bugging-devices cisco

May 02, 2011
0:00
Vuln: Cisco Unified Communications Manager 'xmldirectorylist.jsp' Multiple SQL Injection Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco Unified Communications Manager 'xmldirectorylist.jsp' Multiple SQL Injection Vulnerabilities
Tags: unified cisco communications cisco-unified-communications-manager unified-communications sql-injection

April 29, 2011
7:34
Cisco Warns Users Of DoS, SQL Injection Flaws
» ‎ Packet Storm Security Headlines

Cisco Warns Users Of DoS, SQL Injection Flaws
Tags: injection dos sql cisco-warns sql-injection cisco

April 28, 2011
20:14
Linksys WRT54G Cross Site Scripting
» ‎ Packet Storm Security Exploits

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.
Tags: cross site wrt cisco-linksys g-broadband linksys-wrt54g vulnerability cisco

20:14
Linksys WRT54G Cross Site Scripting
» ‎ Packet Storm Security Recent Files

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.
Tags: cross site wrt cisco-linksys g-broadband linksys-wrt54g vulnerability cisco

20:14
Linksys WRT54G Cross Site Scripting
» ‎ Packet Storm Security Misc. Files

The Cisco Linksys Wireless G Broadband Router WRT54G with firmware version 4.21.1 suffers from a cross site scripting vulnerability.
Tags: cross site wrt cisco-linksys g-broadband linksys-wrt54g vulnerability cisco

April 01, 2011
13:34
Cisco Patches Password Stealing Flaw In Secure Access Control
» ‎ Packet Storm Security Headlines

Cisco Patches Password Stealing Flaw In Secure Access Control
Tags: stealing password flaw cisco-patches access-control cisco patches

March 25, 2011
9:00
Bugtraq: NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation
» ‎ SecurityFocus Vulnerabilities

NGS00051 Patch Notification: Cisco VPN Client Privilege Escalation
Tags: escalation notification ngs cisco client-privilege
March 22, 2011
10:00
Bugtraq: NGS00014 Technical Advisory: Cisco IPSec VPN Implementation Group Name Enumeration
» ‎ SecurityFocus Vulnerabilities

NGS00014 Technical Advisory: Cisco IPSec VPN Implementation Group Name Enumeration
Tags: advisory technical ngs cisco-ipsec implementation-group cisco

March 21, 2011
14:20
Cisco Scraps Biannual Advisory Due To Japan Disaster
» ‎ Packet Storm Security Headlines

Cisco Scraps Biannual Advisory Due To Japan Disaster
Tags: scraps cisco biannual disaster japan

March 17, 2011
10:05
Bugtraq: Deferral Announcement for the March 2011 Cisco IOS Software Security Advisories
» ‎ SecurityFocus Vulnerabilities

Deferral Announcement for the March 2011 Cisco IOS Software Security Advisories
Tags: security-advisories software-security cisco

March 13, 2011
23:45
Cisco Content Services Gateway Multiple vulnerabilities
» ‎ SecuriTeam

A service policy bypass and two Denial of Service vulnerabilities exist in the Cisco Content Services Gateway - Second Generation (CSG2).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: content service cisco safer-use denial-of-service content-services

February 25, 2011
14:00
[webapps / 0day] - Linksys Cisco WAG120N CSRF Vulnerability
» ‎ 1337day (was: Inj3ct0r, 1337db)

[webapps / 0day] - Linksys Cisco WAG120N CSRF Vulnerability
Tags: day linksys webapps vulnerability cisco

13:00
Bugtraq: Re: Linksys Cisco Wag120N CSRF Vulnerability
» ‎ SecurityFocus Vulnerabilities

Re: Linksys Cisco Wag120N CSRF Vulnerability
Tags: bugtraq vulnerability csrf cisco-wag cisco
11:00
Bugtraq: Linksys Cisco Wag120N CSRF Vulnerability
» ‎ SecurityFocus Vulnerabilities

Linksys Cisco Wag120N CSRF Vulnerability
Tags: bugtraq vulnerability csrf cisco-wag linksys cisco

February 16, 2011
8:21
RSA: Cisco Reconfigures For Reputation Based Security
» ‎ Packet Storm Security Headlines

RSA: Cisco Reconfigures For Reputation Based Security
Tags: rsa reputation security cisco-reconfigures cisco

February 01, 2011
12:00
Bugtraq: Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco Security Advisory: Multiple Cisco WebEx Player Vulnerabilities
Tags: advisory cisco security cisco-security bugtraq vulnerabilities
January 26, 2011
0:00
Vuln: Cisco Content Services Gateway Malformed TCP Packet (CVE-2011-0349) Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Content Services Gateway Malformed TCP Packet (CVE-2011-0349) Denial of Service Vulnerability
Tags: content gateway cisco service-vulnerability denial-of-service tcp-packet
0:00
Vuln: Cisco Content Services Gateway Service Policy Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Content Services Gateway Service Policy Security Bypass Vulnerability
Tags: content gateway cisco gateway-service content-services policy-security
0:00
Vuln: Cisco Content Services Gateway Malformed TCP Packet (CVE-2011-0350) Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Content Services Gateway Malformed TCP Packet (CVE-2011-0350) Denial of Service Vulnerability
Tags: content gateway cisco service-vulnerability denial-of-service tcp-packet

January 20, 2011
14:01
Cisco: Windows Not The Only Hacker Target Anymore
» ‎ Packet Storm Security Headlines

Cisco: Windows Not The Only Hacker Target Anymore
Tags: hacker cisco windows target

January 12, 2011
13:58
Cisco Unified Videoconferencing Products Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple Vulnerabilities were identified in Cisco Unified Videoconferencing Products.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: vulnerabilities multiple videoconferencing cisco-unified videoconferencing-products safer-use cisco

December 25, 2010
19:22
Bypassing A Cisco IOS Firewall
» ‎ Packet Storm Security Recent Files

Whitepaper called Bypassing A Cisco IOS Firewall.
Tags: bypassing firewall whitepaper a-cisco-ios cisco-ios cisco

19:22
Bypassing A Cisco IOS Firewall
» ‎ Packet Storm Security Misc. Files

Whitepaper called Bypassing A Cisco IOS Firewall.
Tags: bypassing firewall whitepaper a-cisco-ios cisco-ios cisco

December 15, 2010
15:22
Video calling from your cell phone
» ‎ Wirevolution

Although phone numbers are an antiquated kind of thing, we are sufficiently beaten down by the machines that we think of it as natural to identify a person by a 10 digit number. Maybe the demise of the numeric phone keypad as big touch-screens take over will change matters on this front. But meanwhile, phone numbers are holding us back in important ways. Because phone numbers are bound to the PSTN, which doesn’t carry video calls, it is harder to make video calls than voice, because we don’t have people’s video addresses so handy.

This year, three new products attempted to address this issue in remarkably similar ways – clearly an idea whose time has come. The products are Apple’s FaceTime, Cisco’s IME and a startup product called Tango.

In all three of these products, you make a call to a regular phone number, which triggers a video session over the Internet. You only need the phone number – the Internet addressing is handled automatically. The two problems the automatic addressing has to handle are finding a candidate address, then verifying that it is the right one. Here’s how each of those three new products does the job:

1. FaceTime. When you first start FaceTime, it sends an SMS (text message) to an Apple server. The SMS contains sufficient information for the Apple server to reliably associate your phone number with the XMPP (push services) client running on your iPhone. With this authentication performed, anybody else who has your phone number in their address book on their iPhone or Mac can place a videophone call to you via FaceTime.

2. Cisco IME (Inter-Company Media Engine). The protocol used by IME to securely associate your phone number with your IP address is ViPR (Verification Involving PSTN Reachability), an open protocol specified in several IETF drafts co-authored by Jonathan Rosenberg who is now at Skype. ViPR can be embodied in a network box like IME, or in an endpoint like a phone of PC.
Here’s how it works: you make a phone call in the usual way. After you hang up, ViPR looks up the phone number you called to see if it is also ViPR-enabled. If it is, ViPR performs a secure mutual verification, by using proof-of-knowledge of the previous PSTN call as a shared secret. The next time you dial that phone number, ViPR makes the call through the Internet rather than through the phone network, so you can do wideband audio and video with no per-minute charge. A major difference between ViPR and FaceTime or Tango is that ViPR does not have a central registration server. The directory that ViPR looks up phone numbers in is stored in a distributed hash table (DHT). This is basically a distributed database with the contents stored across the network. Each ViPR participant contributes a little bit of storage to the network. The DHT itself defines an algorithm – called Chord – which describes how each node connects to other nodes, and how to look up information.

3. Tango, like FaceTime, has its own registration servers. The authentication on these works slightly differently. When you register with Tango, it looks in the address book on your iPhone for other registered Tango users, and displays them in your Tango address book. So if you already know somebody’s phone number, and that person is a registered Tango user, Tango lets you call them in video over the Internet.

Tags: number vipr phone jonathan-rosenberg mac cisco-ime pc. here sms-text-message apple-server cisco

December 08, 2010
11:10
Cisco Template Manager 0.3.0
» ‎ Packet Storm Security Recent Files

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: ctm set manager cisco-template cisco regular-expressions

11:10
Cisco Template Manager 0.3.0
» ‎ Packet Storm Security Misc. Files

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: ctm set manager cisco-template cisco regular-expressions

December 06, 2010
0:00
Vuln: Cisco Unified Videoconferencing Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Unified Videoconferencing Security Bypass Vulnerability
Tags: videoconferencing bypass security cisco-unified vulnerability cisco
December 02, 2010
8:00
Bugtraq: NGS00014 Patch Notification: Cisco IPSec VPN Implementation Group Name Enumeration
» ‎ SecurityFocus Vulnerabilities

NGS00014 Patch Notification: Cisco IPSec VPN Implementation Group Name Enumeration
Tags: notification ngs patch cisco-ipsec vpn-implementation implementation-group cisco
0:00
Vuln: Cisco VPN Concentrator Groupname Enumeration Weakness
» ‎ SecurityFocus Vulnerabilities

Cisco VPN Concentrator Groupname Enumeration Weakness
Tags: enumeration groupname concentrator cisco-vpn vpn-concentrator cisco
December 01, 2010
0:00
Vuln: Cisco CiscoWorks Common Services Web Server Module Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco CiscoWorks Common Services Web Server Module Buffer Overflow Vulnerability
Tags: common cisco ciscoworks buffer-overflow-vulnerability web-server-module common-services
November 29, 2010
0:00
Vuln: Cisco VPN Concentrator Groupname Enumeration Weakness
» ‎ SecurityFocus Vulnerabilities

Cisco VPN Concentrator Groupname Enumeration Weakness
Tags: enumeration groupname concentrator cisco-vpn vpn-concentrator cisco

November 26, 2010
14:50
Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
» ‎ SecuriTeam

Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: unified cisco service session-initiation-protocol protocol-sip denial-of-service-dos

November 18, 2010
0:00
Vuln: RETIRED: Cisco Unified Videoconferencing Multiple Vulnerabilities and Weakness
» ‎ SecurityFocus Vulnerabilities

RETIRED: Cisco Unified Videoconferencing Multiple Vulnerabilities and Weakness
Tags: multiple videoconferencing retired cisco-unified vulnerabilities cisco
November 17, 2010
8:05
Bugtraq: Cisco Unified Videoconferencing multiple vulnerabilities - CVE-2010-3037 CVE-2010-3038
» ‎ SecurityFocus Vulnerabilities

Cisco Unified Videoconferencing multiple vulnerabilities - CVE-2010-3037 CVE-2010-3038
Tags: bugtraq cve videoconferencing cisco-unified vulnerabilities cisco
November 08, 2010
9:00
Bugtraq: nSense-2010-003: Cisco Unified Communications Manager
» ‎ SecurityFocus Vulnerabilities

nSense-2010-003: Cisco Unified Communications Manager
Tags: unified cisco communications manager nsense- unified-communications communications-manager
November 05, 2010
0:00
Vuln: Cisco CiscoWorks Common Services Web Server Module Buffer Overflow Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco CiscoWorks Common Services Web Server Module Buffer Overflow Vulnerability
Tags: common cisco ciscoworks buffer-overflow-vulnerability web-server-module common-services
October 29, 2010
0:00
Vuln: Cisco AnyConnect VPN Trial Client Insecure Temporary File Creation Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco AnyConnect VPN Trial Client Insecure Temporary File Creation Vulnerability
Tags: client vpn trial cisco-anyconnect creation-vulnerability temporary-file cisco

October 28, 2010
1:00
cisco-sa-20101027-cs.txt
» ‎ Packet Storm Security Advisories

Cisco Security Advisory - CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator. Cisco has released free software updates that address this vulnerability. There are no workarounds that mitigate this vulnerability. Mitigations that limit the attack surface of this vulnerability are available.
Tags: txt vulnerability cisco free-software-updates cisco-security host-device

October 26, 2010
20:03
ctm-0.2.1.tar.gz
» ‎ Packet Storm Security Tools

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: tar manager ctm cisco-template tar-gz cisco regular-expressions

October 10, 2010
18:37
Cisco Unified Communications Manager Denial of Service Vulnerabilities
» ‎ SecuriTeam

Cisco Unified Communications Manager contains two denial of service vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: unified cisco service manager-denial session-initiation-protocol protocol-sip denial-of-service
18:37
Cisco Unified Communications Manager Denial of Service Vulnerabilities
» ‎ SecuriTeam

Cisco Unified Communications Manager contains two denial of service vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: unified cisco service manager-denial session-initiation-protocol protocol-sip denial-of-service
October 03, 2010
23:53
Cisco ASA 5500 Series Adaptive Security Appliances Multiple Vulnerabilities
» ‎ SecuriTeam

Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple vulnerabilities.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: series asa cisco security-appliances adaptive-security safer-use

September 24, 2010
14:00
[dos / poc] - Cisco WRV210 null pointer dereference
» ‎ 1337day (was: Inj3ct0r, 1337db)

[dos / poc] - Cisco WRV210 null pointer dereference
Tags: poc cisco wrv null-pointer

September 23, 2010
0:00
Cisco Patches Critical IOS And UC Flaws
» ‎ Packet Storm Security Headlines

Cisco Patches Critical IOS And UC Flaws
Tags: and critical ios cisco-patches cisco

September 22, 2010
19:01
cisco-sa-20100922-cucmsip.txt
» ‎ Packet Storm Security Recent Files

Cisco Security Advisory - Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of voice services.
Tags: txt cisco cucmsip session-initiation-protocol protocol-sip cisco-unified-communications-manager

19:00
cisco-sa-20100922-cucmsip.txt
» ‎ Packet Storm Security Advisories

Cisco Security Advisory - Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of voice services.
Tags: txt cisco cucmsip session-initiation-protocol protocol-sip cisco-unified-communications-manager

10:00
Bugtraq: Cisco Security Advisory: Cisco IOS SSL VPN Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Security Advisory: Cisco IOS SSL VPN Vulnerability
Tags: advisory cisco security cisco-security cisco-ios bugtraq
0:00
Vuln: Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
Tags: unified cisco communications cisco-unified-communications-manager denial-of-service unified-communications
September 13, 2010
0:00
Vuln: Cisco Wireless LAN Controller CVE-2010-3034 ACL Security Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Wireless LAN Controller CVE-2010-3034 ACL Security Bypass Vulnerability
Tags: lan Wireless cisco lan-controller wireless-lan cve

August 25, 2010
23:38
cisco-sa-20100825-cucm.txt
» ‎ Packet Storm Security Recent Files

Cisco Security Advisory - Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of voice services.
Tags: txt cisco cucm session-initiation-protocol cisco-unified-communications-manager protocol-sip

23:38
ciscopackettracer-dllhijack.txt
» ‎ Packet Storm Security Exploits

Cisco Packet Tracer version 5.2 DLL hijacking exploit that leverages wintab32.dll.
Tags: tracer txt dll cisco-packet cisco-packet-tracer cisco

23:38
cisco-sa-20100825-cucm.txt
» ‎ Packet Storm Security Advisories

Cisco Security Advisory - Cisco Unified Communications Manager contains two denial of service (DoS) vulnerabilities that affect the processing of Session Initiation Protocol (SIP) messages. Exploitation of these vulnerabilities could cause an interruption of voice services.
Tags: txt cisco cucm session-initiation-protocol cisco-unified-communications-manager protocol-sip

14:52
Cisco Packet Tracer 5.2 DLL Hijacking Exploit (wintab32.dll)
» ‎ 1337day (was: Inj3ct0r, 1337db)

Cisco Packet Tracer 5.2 DLL Hijacking Exploit (wintab32.dll)
Tags: tracer dll hijacking cisco-packet cisco-packet-tracer cisco

August 04, 2010
0:00
Vuln: Cisco ASA 5500 Series TLS Packet CVE-2010-1581 Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco ASA 5500 Series TLS Packet CVE-2010-1581 Denial of Service Vulnerability
Tags: series asa cisco service-vulnerability denial-of-service tls

July 26, 2010
20:35
CVP-HackersPerspective.pdf
» ‎ Packet Storm Security Misc. Files

Whitepaper called Cisco VoIP Phone - A Hackers Perspective.
Tags: cvp-hackersperspective pdf whitepaper cisco-voip cisco hackers perspective

20:18
Cisco Unified Contact Center Express Vulnerabilities
» ‎ SecuriTeam

Multiple vulnerabilities were identified in Cisco Unified Contact Center Express.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: contact unified cisco safer-use contact-center
20:18
Cisco PGW Softswitch Multiple Vulnerabilities
» ‎ SecuriTeam

Multiple Vulnerabilities were identified on Cisco PGW Softswitch.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: vulnerabilities multiple softswitch cisco-pgw safer-use pgw cisco

July 15, 2010
0:00
Vuln: Cisco CSS/ACE Multiple Remote Security Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco CSS/ACE Multiple Remote Security Vulnerabilities
Tags: css cisco ace cisco-css remote-security security-vulnerabilities
July 08, 2010
0:00
Vuln: Cisco Unified MeetingPlace Web Conference Multiple Cross Site Scripting Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco Unified MeetingPlace Web Conference Multiple Cross Site Scripting Vulnerabilities
Tags: conference web meetingplace cisco-unified web-conference cisco
July 05, 2010
0:00
Vuln: Cisco CSS/ACE Certificate Spoofing and HTTP Response Splitting Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco CSS/ACE Certificate Spoofing and HTTP Response Splitting Vulnerabilities
Tags: cisco-css spoofing cisco

June 30, 2010
6:58
[Audio] Cisco IOS Shellcodes/Backdoors
» ‎ SecDocs

Authors: Gyan Chawdhary Varun Uppal
Tags: shellcode backdoor Cisco
Event: Black Hat USA 2008

Tags: audio shellcodes backdoors cisco-event cisco-ios usa black-hat cisco
6:58
[Slides] Cisco IOS Shellcodes/Backdoors
» ‎ SecDocs

Authors: Gyan Chawdhary Varun Uppal
Tags: shellcode backdoor Cisco
Event: Black Hat USA 2008

Tags: authors shellcodes backdoors cisco-event cisco-ios usa black-hat cisco slides
6:58
[Video] Cisco IOS Shellcodes/Backdoors
» ‎ SecDocs

Authors: Gyan Chawdhary Varun Uppal
Tags: shellcode backdoor Cisco
Event: Black Hat USA 2008

Tags: video shellcodes backdoors cisco-event cisco-ios usa black-hat cisco

June 24, 2010
0:00
Vuln: Cisco Unified MeetingPlace Web Conference Multiple Cross Site Scripting Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco Unified MeetingPlace Web Conference Multiple Cross Site Scripting Vulnerabilities
Tags: conference web meetingplace cisco-unified web-conference cisco

May 26, 2010
0:00
Cisco Bugs Surrender Control Of Building's Critical Systems
» ‎ Packet Storm Security Headlines

Cisco Bugs Surrender Control Of Building's Critical Systems
Tags: control building cisco-bugs surrender-control critical-systems cisco

May 25, 2010
0:00
Vuln: Cisco IronPort Desktop Flag Plug-in for Outlook Send Secure Information Disclosure Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco IronPort Desktop Flag Plug-in for Outlook Send Secure Information Disclosure Vulnerability
Tags: desktop ironport cisco information-disclosure-vulnerability
May 24, 2010
0:00
Vuln: Cisco DPC2100 Multiple Security Bypass and Cross-Site Request Forgery Vulnerabilities
» ‎ SecurityFocus Vulnerabilities

Cisco DPC2100 Multiple Security Bypass and Cross-Site Request Forgery Vulnerabilities
Tags: multiple bypass security cisco-dpc forgery vulnerabilities cisco

May 20, 2010
21:19
Cisco Digital Media Manager Privilege Escalation Vulnerability
» ‎ SecuriTeam

A vulnerability related to privilege escalation exists in the Cisco Digital Media Manager (DMM).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: digital cisco media privilege-escalation-vulnerability safer-use escalation

May 14, 2010
21:04
[Video] Exploiting Lawful Intercept to Wiretap the Internet
» ‎ SecDocs

Authors: Tom Cross
Tags: forensic network Cisco sniffer
Event: Black Hat DC 2010
Abstract: Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer's communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it's lawful intercept technology in an Internet Draft and a number of public configuration guides. This talk will review Cisco's architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks.
Tags: talk cisco intercept tom-cross intercept-technology core-architecture security-perspective
21:04
[Slides] Exploiting Lawful Intercept to Wiretap the Internet
» ‎ SecDocs

Authors: Tom Cross
Tags: forensic network Cisco sniffer
Event: Black Hat DC 2010
Abstract: Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer's communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it's lawful intercept technology in an Internet Draft and a number of public configuration guides. This talk will review Cisco's architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks.
Tags: talk cisco intercept tom-cross intercept-technology core-architecture security-perspective
21:04
[Paper] Exploiting Lawful Intercept to Wiretap the Internet
» ‎ SecDocs

Authors: Tom Cross
Tags: forensic network Cisco sniffer
Event: Black Hat DC 2010
Abstract: Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer's communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it's lawful intercept technology in an Internet Draft and a number of public configuration guides. This talk will review Cisco's architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks.
Tags: talk cisco intercept tom-cross intercept-technology core-architecture security-perspective
21:04
[Audio] Exploiting Lawful Intercept to Wiretap the Internet
» ‎ SecDocs

Authors: Tom Cross
Tags: forensic network Cisco sniffer
Event: Black Hat DC 2010
Abstract: Many governments require telecommunications companies to provide interfaces that law enforcement can use to monitor their customer's communications. If these interfaces are poorly designed, implemented, or managed they can provide a backdoor for attackers to perform surveillance without lawful authorization. Most lawful intercept technology is proprietary and difficult to peer review. Fortunately, Cisco has published the core architecture of it's lawful intercept technology in an Internet Draft and a number of public configuration guides. This talk will review Cisco's architecture for lawful intercept from a security perspective. The talk will explain how a number of different weaknesses in its design coupled with publicly disclosed security vulnerabilities could enable a malicious person to access the interface and spy on communications without leaving a trace. The talk will explain what steps network operators need to take to protect this interface. The talk will also provide a set of recommendations for the redesign of the interface as well as SNMP authentication in general to better mitigate the security risks.
Tags: talk cisco intercept tom-cross intercept-technology core-architecture security-perspective

May 07, 2010
8:00
Bugtraq: Vulnerability with Cisco ACE. A2 3.0 (probably all version)
» ‎ SecurityFocus Vulnerabilities

Vulnerability with Cisco ACE. A2 3.0 (probably all version)
Tags: vulnerability cisco ace

May 01, 2010
17:39
Cisco Digital Media Manager Privilege Escalation Vulnerability
» ‎ SecuriTeam

A vulnerability related to privilege escalation exists in the Cisco Digital Media Manager (DMM).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: digital cisco media privilege-escalation-vulnerability safer-use escalation
April 27, 2010
16:04
Cisco Digital Media Manager Default Credentials Vulnerability
» ‎ SecuriTeam

A vulnerability related to default credentials exists in the Cisco Digital Media Manager (DMM).
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: digital cisco media safer-use vulnerability credentials

April 19, 2010
17:01
ctm-0.2.0.tar.gz
» ‎ Packet Storm Security Tools

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: tar manager ctm cisco-template tar-gz cisco regular-expressions

17:01
ctm-0.2.0.tar.gz
» ‎ Packet Storm Security Recent Files

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: tar manager ctm cisco-template tar-gz cisco regular-expressions

April 16, 2010
0:00
Security Researchers Demo Cisco Wi-Fi Flaws
» ‎ Packet Storm Security Headlines

Security Researchers Demo Cisco Wi-Fi Flaws
Tags: flaws researchers demo-cisco-wi- security-researchers cisco demo

April 11, 2010
21:07
Cisco ASA 5500 Series Adaptive Security Appliances Multiple Vulnerabilities
» ‎ SecuriTeam

Cisco ASA 5500 Series Adaptive Security Appliances are affected by multiple vulnerabilities. Affected versions of Cisco ASA Software vary depending on the specific vulnerability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!

Tags: series asa cisco security-appliances adaptive-security safer-use

April 05, 2010
19:52
ctm-0.1.0.tar.gz
» ‎ Packet Storm Security Tools

Cisco Template Manager (CTM) is a set of tools that make it easy to manage Cisco configurations over a whole network based on your self-defined templates. Templates support regular expressions. It works with the C760x, C730x, C37xx, C35xx, C29xx, C28xx, C18xx, and C17xx series.
Tags: tar manager ctm cisco-template tar-gz cisco regular-expressions

March 30, 2010
0:00
Vuln: Cisco IOS HTTP Service HTML Injection Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco IOS HTTP Service HTML Injection Vulnerability
Tags: cisco http ios cisco-ios vulnerability

March 26, 2010
0:00
Cisco Warns Of Highly Critical SIP Flaw
» ‎ Packet Storm Security Headlines

Cisco Warns Of Highly Critical SIP Flaw
Tags: sip flaw highly cisco-warns cisco

March 25, 2010
12:16
Cisco TFTP Server 1.1 Denial of Service Exploit
» ‎ 1337day (was: Inj3ct0r, 1337db)

Cisco TFTP Server 1.1 Denial of Service Exploit
Tags: server denial service cisco-tftp denial-of-service tftp-server cisco

March 12, 2010
0:00
Vuln: Cisco Unified Communications Manager SCCP (CVE-2010-0588) Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Unified Communications Manager SCCP (CVE-2010-0588) Denial of Service Vulnerability
Tags: unified cisco communications manager-sccp cisco-unified-communications-manager service-vulnerability denial-of-service
0:00
Vuln: Cisco Unified Communications Manager SCCP (CVE-2010-0587) Denial of Service Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Unified Communications Manager SCCP (CVE-2010-0587) Denial of Service Vulnerability
Tags: unified cisco communications manager-sccp cisco-unified-communications-manager service-vulnerability denial-of-service
0:00
Vuln: Cisco Digital Media Manager Default Credentials Authentication Bypass Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Digital Media Manager Default Credentials Authentication Bypass Vulnerability
Tags: digital cisco media vulnerability credentials authentication

March 03, 2010
14:00
cisco-sa-20100303-cucm.txt
» ‎ Packet Storm Security Recent Files

Cisco Security Advisory - Cisco Unified Communications Manager (formerly Cisco CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption of voice services. The Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and Computer Telephony Integration (CTI) Manager services are affected by these vulnerabilities.
Tags: protocol manager cisco session-initiation-protocol cisco-unified-communications-manager protocol-sip

14:00
cisco-sa-20100303-cucm.txt
» ‎ Packet Storm Security Advisories

Cisco Security Advisory - Cisco Unified Communications Manager (formerly Cisco CallManager) contains multiple denial of service (DoS) vulnerabilities that if exploited could cause an interruption of voice services. The Session Initiation Protocol (SIP), Skinny Client Control Protocol (SCCP) and Computer Telephony Integration (CTI) Manager services are affected by these vulnerabilities.
Tags: protocol manager cisco session-initiation-protocol cisco-unified-communications-manager protocol-sip

February 12, 2010
0:00
Vuln: Cisco Collaboration Server 'LoginPage.jhtml' Cross Site Scripting Vulnerability
» ‎ SecurityFocus Vulnerabilities

Cisco Collaboration Server 'LoginPage.jhtml' Cross Site Scripting Vulnerability
Tags: jhtml server loginpage cisco-collaboration collaboration-server vulnerability cisco
February 01, 2010
16:00
Bugtraq: [CORE-2010-0106] Cisco Secure Desktop XSS/JavaScript Injection
» ‎ SecurityFocus Vulnerabilities

[CORE-2010-0106] Cisco Secure Desktop XSS/JavaScript Injection
Tags: desktop javascript xss cisco-secure secure-desktop cisco

jetlib.sec » Tags » cisco

Feeds

152 items tagged "cisco"

Tags: address network translation cisco-ios network-address-translation denial-of-service cisco

Tags: newsroom cisco com vulnerability

Tags: newsroom cisco com vulnerability

Tags: newsroom cisco com vulnerability

Tags: threat rsa intelligence cisco-to threat-intelligence cisco

Tags: srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco

Tags: srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco

Tags: srp advisory business cisco-small cisco-security cisco-security-advisory directory-traversal cisco

Tags: wag day webapps cisco-linksys cisco

Tags: packet cisco Software cisco-security-advisory free-software-updates dos-vulnerability

Tags: digital cisco media privilege-escalation-vulnerability escalation

Tags: unified cisco service emc-smarts code-execution safer-use

Tags: unified cisco service emc-smarts code-execution safer-use

Tags: ctm set manager cisco-template cisco regular-expressions

Tags: ctm set manager cisco-template cisco regular-expressions

Tags: ctm set manager cisco-template cisco regular-expressions

Tags: type player wrf cisco-webex code-execution vulnerability cisco

Tags: vulnerabilities cisco

Tags: safer-use cisco penetration

Tags: section local command cisco-nexus nexus cisco

Tags: directory unified cisco root-filesystem port-8080 directory-traversal

Tags: directory unified cisco root-filesystem port-8080 directory-traversal

Tags: directory unified cisco root-filesystem port-8080 directory-traversal

Tags: code remote flaw cisco-warns security-agent agent-software cisco

Tags: cisco media experience experience-engine safer-use media-experience

Tags: injection nx-os command cisco-nexus cve nexus cisco

Tags: code-execution vulnerability cisco

Tags: engine cisco identity engine-database vulnerability credentials

Tags: address network translation cisco-ios network-address-translation denial-of-service cisco

Tags: multiple ipv mpls cisco-ios denial-of-service IPv6 cisco

Tags: cisco ios link cisco-ios service-vulnerability denial-of-service

Tags: cisco-telepresence vulnerabilities cisco

Tags: vulnerabilities multiple day cisco-telepresence cisco

Tags: vulnerabilities multiple day cisco-telepresence cisco

Tags: unified cisco communications safer-use unified-communications communications-manager

Tags: warranty discs evil cisco-warns cisco

Tags: warranty discs evil cisco-warns cisco

Tags: appliances series cisco management-interface web-management vulnerability

Tags: appliances series cisco management-interface web-management vulnerability

Tags: arbitrary-code-execution vulnerability cisco

Tags: surveillance-network cisco

Tags: phishers focus switch switch-focus cisco

Tags: recording server multiple cisco-telepresence safer-use cisco

Tags: vulnerabilities multiple manager cisco-telepresence safer-use cisco

Tags: vulnerabilities endpoint multiple cisco-telepresence safer-use cisco

Tags: series asa cisco adaptive-security security-appliances safer-use

Tags: management rvs cisco information-disclosure-vulnerability management-interface web-management

Tags: web management wrvs cisco-rvs information-disclosure-vulnerability web-management cisco

Tags: secure mobility execution cisco arbitrary-code-execution vulnerability

Tags: client activex vpn cisco-anyconnect vpn-client exploits cisco

Tags: secure mobility execution cisco arbitrary-code-execution vulnerability

Tags: secure mobility execution cisco arbitrary-code-execution vulnerability

Tags: router ios security cisco-fixes security-flaws cisco

Tags: guarding bypass advertisement cisco-router vulnerability cisco switches

Tags: guarding bypass advertisement cisco-router vulnerability cisco switches

Tags: guarding bypass advertisement cisco-router vulnerability cisco switches

Tags: unified cisco operations manager-xss directory-traversal operations-manager vulnerabilities

Tags: unified cisco operations manager-xss directory-traversal operations-manager vulnerabilities

Tags: unified cisco operations manager-xss directory-traversal operations-manager vulnerabilities

Tags: unified cisco operations operations-manager vulnerabilities exploits

Tags: talk phone down cisco-shoots cisco

Tags: hackers remote turn cisco-phones bugging-devices cisco

Tags: unified cisco communications cisco-unified-communications-manager unified-communications sql-injection

Tags: injection dos sql cisco-warns sql-injection cisco

Tags: cross site wrt cisco-linksys g-broadband linksys-wrt54g vulnerability cisco

Tags: cross site wrt cisco-linksys g-broadband linksys-wrt54g vulnerability cisco

Tags: cross site wrt cisco-linksys g-broadband linksys-wrt54g vulnerability cisco

Tags: stealing password flaw cisco-patches access-control cisco patches

Tags: escalation notification ngs cisco client-privilege

Tags: advisory technical ngs cisco-ipsec implementation-group cisco

Tags: scraps cisco biannual disaster japan

Tags: security-advisories software-security cisco

Tags: content service cisco safer-use denial-of-service content-services