New User, Welcome!     Login

<< Previous Next >>

Network Access

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace

CSCtc39691 - Insufficient validation of SQL commands

CVSS Base Score - 9

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - Partial
Integrity Impact        - Partial
Availability Impact     - Complete

Cisco Security Advisory: Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

             leak

CVSS Base Score - 7.8

        Access Vector            - Network
        Access Complexity        - Low
        Authentication           - None
        Confidentiality Impact   - None
        Integrity Impact         - None
        Availability Impact      - Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances

* CSCtj04707 ("Possible packet buffer exhaustion when operating in transparent mode ")

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

CSCta56653 - WLC may reload when receiving crafted IKE packets

CVSS Base Score - 7.8

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server

* CSCti81574 - Open Query Interface

CVSS Base Score - 10.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete
    Availability Impact -      Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

* Certain packets may cause WebAuth services to hang or reload the
device (CSCsq44516)

CVSS Base Score - 6.1
    Access Vector -            Adjacent Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

Cisco Security Advisory: IronPort Encryption Appliance / PostX and PXE Encryption Vulnerabilities

PXE Encryption Message Decryption Vulnerability - IronPort Bug 8062

CVSS Base Score - 7.1
    Access Vector - Network
    Access Complexity - Medium
    Authentication - None
    Confidentiality Impact - Complete
    Integrity Impact - None
    Availability Impact - None

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers

+-----------------------------------------------------

CVSS Base Score - 7.8

        Access Vector            - Network
        Access Complexity        - Low
        Authentication           - None
        Confidentiality Impact   - None
        Integrity Impact         - None
        Availability Impact      - Complete

Cisco Security Advisory: Multiple Vulnerabilities in Firewall Services Module

* Crafted HTTPS Request (CSCsi77844)

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

CSCta20040 - Device crashes when receiving crafted SIP message

CVSS Base Score - 7.8
Access Vector           Network
Access Complexity       Low
Authentication          None
Confidentiality Impact  None
Integrity Impact        None
Availability Impact     Complete

Cisco Security Advisory: Cisco IOS Secure Shell Denial of Service

* CSCsk42419 - SSHv2 spurious memory access

CVSS Base Score - 7.8
    Access Vector -             Network
    Access Complexity -         Low
    Authentication -            None
    Confidentiality Impact -    None
    Integrity Impact -          None
    Availability Impact -       Complete

Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities

* CSCsh50164 - PE Service core dumps when it receives malformed packets

CVSS Base Score - 7.8
    Access Vector -             Network
    Access Complexity -         Low
    Authentication -            None
    Confidentiality Impact -    None
    Integrity Impact -          None
    Availability Impact -       Complete

Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities

CSCtf17624 - NAT SIP DoS Vulnerability

CVSS Base Score - 7.8
Access Vector           Network
Access Complexity       Low
Authentication          None
Confidentiality Impact  None
Integrity Impact        None
Availability Impact     Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent

CSCtd73275 - Directory Traversal in the Management Center for Cisco Security Agents

CVSS Base Score - 6.8

Access Vector           - Network
Access Complexity       - Low
Authentication          - Single
Confidentiality Impact  - Complete
Integrity Impact        - None
Availability Impact     - None

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Digital Media Manager

* CSCta03378 ("Default password for Tomcat administration account")

CVSS Base Score - 10.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete
    Availability Impact -      Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager

* CSCtc59562 - SOAP Authentication Bypass

CVSS Base Score - 7.5
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Partial
    Integrity Impact -         Partial
    Availability Impact -      Partial

MITKRB5-SA-2011-002 KDC denial of service attacks [CVE-2011-0281 CVE-2011-0282 CVE-2011-0283]

CVSSv2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:H/RL:OF/RC:C

CVSSv2 Base Score:      7.8

Access Vector:          Network
Access Complexity:      Low
Authentication:         None
Confidentiality Impact: None
Integrity Impact:       None
Availability Impact:    Complete

Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability

* CSCtq78106 ("XCP Vulnerable to XML Entity Expansion Attack")

CVSS Base Score - 7.8
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   None
    Integrity Impact -         None
    Availability Impact -      Complete

MITKRB5-SA-2009-001: multiple vulnerabilities in SPNEGO, ASN.1 decoder [CVE-2009-0844 CVE-2009-0845 CVE-2009-0847]

CVSSv2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:C/E:POC/RL:OF/RC:C

CVSSv2 Base Score:      8.5

Access Vector:          Network
Access Complexity:      Low
Authentication:         None
Confidentiality Impact: Partial
Integrity Impact:       None
Availability Impact:    Complete

RE: Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities (UNCLASSIFIED)

* CSCsh50164 - PE Service core dumps when it receives malformed packets

CVSS Base Score - 7.8
    Access Vector -             Network
    Access Complexity -         Low
    Authentication -            None
    Confidentiality Impact -    None
    Integrity Impact -          None
    Availability Impact -       Complete

Cisco Security Advisory: Multiple Vulnerabilities in Cisco IronPort Encryption Appliance

IronPort Bug 65921 - Arbitrary File Access Through Administrative Interface

CVSS Base Score - 7.8

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - Complete
Integrity Impact        - None
Availability Impact     - None

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities

CSCso75027 - CTI Manager TSP Crash

CVSS Base Score - 7.8
    Access Vector - Network
    Access Complexity - Low
    Authentication - None
    Confidentiality Impact - None
    Integrity Impact - None
    Availability Impact - Complete

Cisco Security Advisory: Vulnerabilities in Cisco Video Surveillance Products

CSCsj47924 - Malformed payload to xvcrman process causes reboot

CVSS Base Score - 7.8

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities

* CSCtt46871 - Cisco SRP 500 Series Web Interface Command Injection
Vulnerability

CVSS Base Score - 9.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           Single
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete
    Availability Impact -      Complete

Cisco Security Advisory: Multiple vulnerabilities in Cisco PGW Softswitch

CSCsl39126 - Malformed MGCP packet can crash device 

CVSS Base Score - 7.8
  Access Vector           Network
  Access Complexity       Low
  Authentication          None
  Confidentiality Impact  None
  Integrity Impact        None
  Availability Impact     Complete

Untrusted Java applet can connect to localhost

===========
Description
===========
The Java browser plugin shipped with versions of the JRE and JDK
listed above, contains a vulnerability that allows an
untrusted applet to violate the network access restrictions placed on it
by the Java sandbox in order to connect to the local host.  This permits a
malicious website to host an applet that is capable of port scanning the
local system and exploiting vulnerable network services (e.g. unpatched
vulnerabilities in MSRPC etc.)

Cisco Security Advisory: Vulnerabilities in Unified Contact Center Express Administration Pages

* Incomplete input validation allows modification of OS
files/directories (CSCsw76644)

CVSS Base Score - 9.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           Single
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete
    Availability Impact -      Complete

Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities

CSCtd17310 - potential core dump issue in SIPStationInit code

CVSS Base Score - 7.8

Access Vector           - Network
Access Complexity       - Low
Authentication          - None
Confidentiality Impact  - None
Integrity Impact        - None
Availability Impact     - Complete

Cisco Security Advisory: Cisco Video Surveillance IP Gateway and Services Platform Authentication Vulnerabilities

CSCsj31729 - Encoder/Decoder Telnet Daemon Fails to Authenticate

CVSS Base Score - 10.0
    Access Vector -            Network
    Access Complexity -        Low
    Authentication -           None
    Confidentiality Impact -   Complete
    Integrity Impact -         Complete
    Availability Impact -      Complete

MITKRB5-SA-2008-001: double-free, uninitialized data vulnerabilities in krb5kdc

CVSSv2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:C/E:P/RL:O/RC:C

CVSSv2 Base Score:      9.3

Access Vector:          Network
Access Complexity:      Medium
Authentication:         None
Confidentiality Impact: Complete
Integrity Impact:       Complete
Availability Impact:    Complete
<<Previous Next>>

Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!