<< Previous Next >>
provided
arbitary file extension at. E.g .tx, .tm]
3. Chrome:
http://securethoughts.com/security/rssatomxss/googlechromexss.atom.tx [Any
arbitary file extension at. E.g .tx, .tm]
3. Exploit Scenario 3 –
1. Details and PoC will be released after patch is provided by
Opera Security Team in next minor release.
For research purposes, you can try out the PoCs on these virtualized (and
vulnerable) versions of various browsers, without installing any bits on
your computer [5].
Details
=======
ANM is a network management application that manages Cisco ACE modules
or appliances. ANM is installed on customer provided servers with a Red
Hat Enterprise Linux operating system. The ACE Device Manager provides
a browser-based interface for configuring and managing a single ACE
appliance. The ACE Device Manager resides in flash memory on the ACE
appliance. Multiple vulnerabilities exist in ANM and one in the ACE
Device Manager products. The following details are provided for each
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
Bugtraq ID: 38055, 38056
CVE Name: N/A, CVE-2010-0255
3. *Vulnerability Description*
This advisory describes two vulnerabilities that provide access to any
file stored in on a user's desktop system if it is running a vulnerable
version of Internet Explorer. These vulnerabilities can be used in
attacks combined with a number of insecure features of Internet Explorer
to provide remote access to locally stored files without the need for
any further action from the victim after visting a website controlled by
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco 6500 Series device that is
running Cisco IOS Software release 12.2(18)SXF7 with an installed
image name of s72033_rp-IPSERVICESK9_WAN-M:
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
assigned Common Vulnerabilities and Exposures (CVE) ID CVE-2009-2864.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name is displayed in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
vulnerabilities.
Note: The Cisco Unified Border Element feature (previously known as
the Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS
Software image that runs on Cisco multiservice gateway platforms. It
provides a network-to-network interface point for billing, security,
call admission control, quality of service, and signaling
interworking.
To determine the Cisco IOS Software release that is running on a
Cisco product, administrators can log in to the device and issue the
Common Vulnerabilities and Exposures (CVE) CVE-2010-0138.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
This section will be updated when more information is available.
Details
=======
TLS and its predecessor, SSL, are cryptographic protocols that provide
security for communications over IP data networks such as the Internet.
An industry-wide vulnerability exists in the TLS protocol that could
impact any Cisco product that uses any version of TLS and SSL. The
vulnerability exists in how the protocol handles session renegotiation
and exposes users to a potential man-in-the-middle attack.
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
configured for SIP and Cisco Unified Border Element feature are not
affected by this vulnerability.
Note: Cisco Unified Border Element feature (previously known as the
Cisco Multiservice IP-to-IP Gateway) is a special Cisco IOS Software
image that runs on Cisco multiservice gateway platforms. It provides
a network-to-network interface point for billing, security, call
admission control, quality of service, and signaling interworking.
Cisco Unified Border Element feature requires the "voice service voip"
command and the "allow-connections" subcommand. An example of an
"show version" command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the "show version" command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
show version command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the show version command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
These vulnerabilities affect the legacy Richards-Zeta Mediator 2500
product and Cisco Network Building Mediator NBM-2400 and NBM-4800
models. All Mediator Framework software releases prior to 3.1.1 are
affected by all vulnerabilities listed in this security advisory.
This table provides information about affected software releases:
+---------------------------------------+
| Cisco Bug | Affects Software |
| ID | Releases |
|-------------+-------------------------|
Vulnerabilities and Exposures (CVE) ID CVE-2009-2055.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
versions 5.1(3g), 6.1(4), 7.0(2a)su1, and 7.1(2a)su1.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
show version command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the show version command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
banner confirms that the device is running Cisco IOS Software by
displaying text similar to "Cisco Internetwork Operating System
Software" or "Cisco IOS Software." The image name displays in
parentheses, followed by "Version" and the Cisco IOS Software release
name. Other Cisco devices do not have the "show version" command or
may provide different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
show version command to display the system banner. The system banner
confirms that the device is running Cisco IOS Software by displaying
text similar to "Cisco Internetwork Operating System Software" or
"Cisco IOS Software." The image name displays in parentheses,
followed by "Version" and the Cisco IOS Software release name. Other
Cisco devices do not have the show version command or may provide
different output.
The following example identifies a Cisco product that is running
Cisco IOS Software Release 12.3(26) with an installed image name of
C2500-IS-L:
CVE-2008-3813 has been assigned to this vulnerability.
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerability in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
* CSCsm46064, assigned CVE ID CVE-2008-3801
Vulnerability Scoring Details
=============================
Cisco has provided scores for the vulnerabilities in this advisory
based on the Common Vulnerability Scoring System (CVSS). The CVSS
scoring in this Security Advisory is done in accordance with CVSS
version 2.0.
CVSS is a standards-based scoring method that conveys vulnerability
Devices running Cisco IOS versions 12.0S, 12.2, 12.3 or 12.4 and
configured for Multiprotocol Label Switching (MPLS) Virtual Private
Networks (VPNs) or VPN Routing and Forwarding Lite (VRF Lite) and
using Border Gateway Protocol (BGP) between Customer Edge (CE) and
Provider Edge (PE) devices may permit information to propagate
between VPNs.
Workarounds are available to help mitigate this vulnerability.
This issue is triggered by a logic error when processing extended
Systems is available at the vendor's support site [3].
Vendor Statement:
Wonderware, a business unit of Invensys, is committed to collaborate
with our customers and industry standards committees to provide secure
applications, security best practices, deployment guidelines, tools and
prescriptive guidance for maintaining a secure environment. A potential
denial of service issue on an insecure network which could have been
instigated by a hostile internal user has been addressed in SuiteLink
2.0 Patch 01. More details can be found in Wonderware's Tech Alert 106
contains multiple denial of service (DoS) vulnerabilities that may
cause an interruption in voice services, if exploited. These
vulnerabilities were discovered internally by Cisco. The following
Cisco Unified Communications Manager services are affected:
* Certificate Trust List (CTL) Provider
* Certificate Authority Proxy Function (CAPF)
* Session Initiation Protocol (SIP)
* Simple Network Management Protocol (SNMP) Trap
Cisco has released free software updates that address these
contains multiple denial of service (DoS) vulnerabilities that may
cause an interruption in voice services, if exploited. These
vulnerabilities were discovered internally by Cisco. The following
Cisco Unified Communications Manager services are affected:
* Certificate Trust List (CTL) Provider
* Certificate Authority Proxy Function (CAPF)
* Session Initiation Protocol (SIP)
* Simple Network Management Protocol (SNMP) Trap
Cisco has released free software updates that address these
Details
=======
Cisco Unified Customer Voice Portal (CVP), which is part of Cisco
Customer Interaction Network solution, provides customer voice and
video self-service integration. Using CVP, organizations can provide
intelligent, personalized self-service over the phone, allowing
customers to efficiently retrieve the information they need from the
contact center.
Details
=======
Cisco Unified Customer Voice Portal (CVP), which is part of Cisco
Customer Interaction Network solution, provides customer voice and
video self-service integration. Using CVP, organizations can provide
intelligent, personalized self-service over the phone, allowing
customers to efficiently retrieve the information they need from the
contact center.
<<Previous Next>>
|
