New User, Welcome!     Login

Security Agents

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security
Agent

Advisory ID: cisco-sa-20100217-csa

Revision 1.0

Cisco Security Advisory: Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Cisco Security Advisory: Cisco Security Agent for Windows System Driver
Remote Buffer Overflow Vulnerability

Advisory ID: cisco-sa-20071205-csa

http://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml

Cisco Security Advisory: Management Center for Cisco Security Agent Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Management Center for Cisco Security Agent
Remote Code Execution Vulnerability

Advisory ID: cisco-sa-20110216-csa

Revision 1.0

Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities

Advisory ID: cisco-sa-20111026-csa

Revision 1.0

For Public Release 2011 October 26 16:00  UTC (GMT)

NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability

NSFOCUS Security Advisory (SA2007-02)

Cisco Security Agent Remote Buffer Overflow Vulnerability

Release Date: 2007-12-06

CVE ID: CVE-2007-5580

http://www.nsfocus.com/english/homepage/research/0702.htm

360 Security Guard breg device drivers Privilege Escalation Vulnerabilitie

Vendor            : Qihoo 360
Affected Software : 360 Security Guard 6.1.5.1009


Description:

Qihoo 360 Security Guard is very famous in China.

Some vulnerabilities have been reported in Qihoo 360 Security Guard, which can be exploited by malicious, local users to gain escalated privileges.

ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability

ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability

http://www.zerodayinitiative.com/advisories/ZDI-11-088

February 16, 2011

-- CVE ID:
CVE-2011-0364

-- CVSS:

Cisco Security Advisory: Transport Layer Security Renegotiation Vulnerability

|                            |                               |
|----------------------------+-------------------------------|
| Cisco Secure Services      | CSCtd03935                    |
| Client                     |                               |
|----------------------------+-------------------------------|
| Cisco Security Agent CSA   | CSCtd02689                    |
|                            |                               |
|----------------------------+-------------------------------|
| Cisco Security Monitoring, | CSCtd02654                    |
| Analysis and Response      |                               |
| System (MARS)              |                               |

Cisco Security Advisory: Active Template Library (ATL) Vulnerability

  * Cisco Meetingplace
  * Cisco Mobile Wireless Fault Mediator (MWFM)
  * Cisco NAC Appliance (formerly Cisco Clean Access)
  * Cisco Secure Access Control Server (ACS)
  * Cisco Secure Desktop
  * Cisco Security Agent
  * Cisco Security Monitoring, Analysis and Response System (MARS)
  * Cisco SSL VPN Client (SVC)
  * Cisco Unified Contact Center Express (Unified CCX)
  * Cisco Video Surveillance Media Server (VSMS)
  * CiscoWorks LAN Management Solution (LMS)

Re: MS Internet Explorer 7 Denial Of Service Exploit

Neat PoC. However, this requires the users to have configured IE to run
Active-X content. On my test machines, I was prompted by the Browser
before the code ran. Surprisingly, CSA never stopped it.

I tested this on:
        Internet Explorer 7 on Windows XP 32-bit w/ Cisco Security Agent
v5.0.0.176
        Internet Explorer 7 on Vista 32-bit (no CSA)

Thanks,

Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability

|----------------------------------------------------------------+---------------------------|
| CiscoWorks LAN Management Solution (LMS)                       | CSCts35837                |
|----------------------------------------------------------------+---------------------------|
| Cisco Digital Media Suite Products                             | CSCts33189                |
|----------------------------------------------------------------+---------------------------|
| Management Center for Cisco Security Agents                    | CSCts33208                |
|----------------------------------------------------------------+---------------------------|
| Service Exchange Framework                                     | CSCts36185                |
|----------------------------------------------------------------+---------------------------|
| Cisco Shared Network Management and Automation                 | CSCts33476                |
+--------------------------------------------------------------------------------------------+


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!