Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
26 vulnerabilities found for security_agent by cisco
CVE-2011-0364 (GCVE-0-2011-0364)
Vulnerability from nvd – Published: 2011-02-18 23:00 – Updated: 2024-08-06 21:51
VLAI
Summary
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/8197 | third-party-advisoryx_refsource_SREASON |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1025088 | vdb-entryx_refsource_SECTRACK |
| http://www.zerodayinitiative.com/advisories/ZDI-11-088 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/516505/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/8205 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/43383 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/8095 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/46420 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2011/0424 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/43393 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2011-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8197"
},
{
"name": "20110216 Management Center for Cisco Security Agent Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
},
{
"name": "1025088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025088"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
},
{
"name": "20110217 ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
},
{
"name": "8205",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8205"
},
{
"name": "43383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43383"
},
{
"name": "8095",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8095"
},
{
"name": "46420",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46420"
},
{
"name": "ADV-2011-0424",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0424"
},
{
"name": "43393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43393"
},
{
"name": "cisco-security-webagent-file-upload(65436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "8197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8197"
},
{
"name": "20110216 Management Center for Cisco Security Agent Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
},
{
"name": "1025088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025088"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
},
{
"name": "20110217 ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
},
{
"name": "8205",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8205"
},
{
"name": "43383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43383"
},
{
"name": "8095",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8095"
},
{
"name": "46420",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46420"
},
{
"name": "ADV-2011-0424",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0424"
},
{
"name": "43393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43393"
},
{
"name": "cisco-security-webagent-file-upload(65436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8197",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8197"
},
{
"name": "20110216 Management Center for Cisco Security Agent Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
},
{
"name": "1025088",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025088"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-088",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
},
{
"name": "20110217 ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
},
{
"name": "8205",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8205"
},
{
"name": "43383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43383"
},
{
"name": "8095",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8095"
},
{
"name": "46420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46420"
},
{
"name": "ADV-2011-0424",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0424"
},
{
"name": "43393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43393"
},
{
"name": "cisco-security-webagent-file-upload(65436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0364",
"datePublished": "2011-02-18T23:00:00.000Z",
"dateReserved": "2011-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:51:08.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0148 (GCVE-0-2010-0148)
Vulnerability from nvd – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
VLAI
Summary
Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1023607 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/38619 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2010/0416 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/38273 | vdb-entryx_refsource_BID |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://osvdb.org/62445 | vdb-entryx_refsource_OSVDB |
Date Public
2010-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-securityagent-tcp-dos(56347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56347"
},
{
"name": "1023607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023607"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "38273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38273"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "62445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via \"a series of TCP packets.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-securityagent-tcp-dos(56347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56347"
},
{
"name": "1023607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023607"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "38273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38273"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "62445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via \"a series of TCP packets.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-securityagent-tcp-dos(56347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56347"
},
{
"name": "1023607",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023607"
},
{
"name": "38619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38619"
},
{
"name": "ADV-2010-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "38273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38273"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "62445",
"refsource": "OSVDB",
"url": "http://osvdb.org/62445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0148",
"datePublished": "2010-02-23T20:00:00.000Z",
"dateReserved": "2010-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:37:53.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0147 (GCVE-0-2010-0147)
Vulnerability from nvd – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
VLAI
Summary
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/38619 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/62444 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2010/0416 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1023606 | vdb-entryx_refsource_SECTRACK |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/38272 | vdb-entryx_refsource_BID |
Date Public
2010-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "62444",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62444"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "cisco-sa-mgmtcenter-sql-injection(56346)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56346"
},
{
"name": "38272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "62444",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62444"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "cisco-sa-mgmtcenter-sql-injection(56346)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56346"
},
{
"name": "38272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38272"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38619"
},
{
"name": "62444",
"refsource": "OSVDB",
"url": "http://osvdb.org/62444"
},
{
"name": "ADV-2010-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "cisco-sa-mgmtcenter-sql-injection(56346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56346"
},
{
"name": "38272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38272"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0147",
"datePublished": "2010-02-23T20:00:00.000Z",
"dateReserved": "2010-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:37:53.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0146 (GCVE-0-2010-0146)
Vulnerability from nvd – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
VLAI
Summary
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://osvdb.org/62443 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/38619 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2010/0416 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1023606 | vdb-entryx_refsource_SECTRACK |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://www.securityfocus.com/bid/38271 | vdb-entryx_refsource_BID |
Date Public
2010-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "62443",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62443"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "cisco-sa-mgmtcenter-dir-traversal(56345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56345"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "38271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38271"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "62443",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62443"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "cisco-sa-mgmtcenter-dir-traversal(56345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56345"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "38271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "62443",
"refsource": "OSVDB",
"url": "http://osvdb.org/62443"
},
{
"name": "38619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38619"
},
{
"name": "cisco-sa-mgmtcenter-dir-traversal(56345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56345"
},
{
"name": "ADV-2010-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "38271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0146",
"datePublished": "2010-02-23T20:00:00.000Z",
"dateReserved": "2010-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:37:53.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5580 (GCVE-0-2007-5580)
Vulnerability from nvd – Published: 2007-12-15 01:00 – Updated: 2024-08-07 15:39
VLAI
Summary
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3425 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/27947 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/4103 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1019046 | vdb-entryx_refsource_SECTRACK |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://osvdb.org/39521 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/484669/100… | mailing-listx_refsource_BUGTRAQ |
| http://tools.cisco.com/Support/BugToolKit/search/… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/26723 | vdb-entryx_refsource_BID |
| http://www.nsfocus.com/english/homepage/research/… | x_refsource_MISC |
Date Public
2007-12-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3425",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3425"
},
{
"name": "27947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27947"
},
{
"name": "ADV-2007-4103",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name": "1019046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name": "39521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39521"
},
{
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
},
{
"name": "26723",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26723"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "3425",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3425"
},
{
"name": "27947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27947"
},
{
"name": "ADV-2007-4103",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name": "1019046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name": "39521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39521"
},
{
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
},
{
"name": "26723",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26723"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2007-5580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3425",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3425"
},
{
"name": "27947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27947"
},
{
"name": "ADV-2007-4103",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name": "1019046",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name": "39521",
"refsource": "OSVDB",
"url": "http://osvdb.org/39521"
},
{
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
},
{
"name": "26723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26723"
},
{
"name": "http://www.nsfocus.com/english/homepage/research/0702.htm",
"refsource": "MISC",
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2007-5580",
"datePublished": "2007-12-15T01:00:00.000Z",
"dateReserved": "2007-10-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1064 (GCVE-0-2007-1064)
Vulnerability from nvd – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://osvdb.org/33049 | vdb-entryx_refsource_OSVDB |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "33049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33049"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-help-privilege-escalation(32621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32621"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "33049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33049"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-help-privilege-escalation(32621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32621"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "33049",
"refsource": "OSVDB",
"url": "http://osvdb.org/33049"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-help-privilege-escalation(32621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32621"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1064",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1065 (GCVE-0-2007-1065)
Vulnerability from nvd – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/33048 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "cisco-cssc-privilege-escalation(32622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "33048",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33048"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "cisco-cssc-privilege-escalation(32622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "33048",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33048"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "cisco-cssc-privilege-escalation(32622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "33048",
"refsource": "OSVDB",
"url": "http://osvdb.org/33048"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1065",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1066 (GCVE-0-2007-1066)
Vulnerability from nvd – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting "a thread under ConnectionClient.exe," aka CSCsg20558.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/33047 | vdb-entryx_refsource_OSVDB |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-dacl-privilege-escalation(32625)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32625"
},
{
"name": "33047",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33047"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting \"a thread under ConnectionClient.exe,\" aka CSCsg20558."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-dacl-privilege-escalation(32625)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32625"
},
{
"name": "33047",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33047"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting \"a thread under ConnectionClient.exe,\" aka CSCsg20558."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-dacl-privilege-escalation(32625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32625"
},
{
"name": "33047",
"refsource": "OSVDB",
"url": "http://osvdb.org/33047"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1066",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1067 (GCVE-0-2007-1067)
Vulnerability from nvd – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/33045 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33045",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33045"
},
{
"name": "cisco-cssc-parsing-privilege-escalation(32624)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32624"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33045",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33045"
},
{
"name": "cisco-cssc-parsing-privilege-escalation(32624)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32624"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33045",
"refsource": "OSVDB",
"url": "http://osvdb.org/33045"
},
{
"name": "cisco-cssc-parsing-privilege-escalation(32624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32624"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1067",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1068 (GCVE-0-2007-1068)
Vulnerability from nvd – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/33046 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33046",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33046"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-password-information-disclosure(32626)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32626"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33046",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33046"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-password-information-disclosure(32626)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32626"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33046",
"refsource": "OSVDB",
"url": "http://osvdb.org/33046"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-password-information-disclosure(32626)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32626"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1068",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5553 (GCVE-0-2006-5553)
Vulnerability from nvd – Published: 2006-10-26 17:00 – Updated: 2024-08-07 19:55
VLAI
Summary
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017118 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/20737 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/30055 | vdb-entryx_refsource_OSVDB |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://www.vupen.com/english/advisories/2006/4198 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/22574 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-10-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017118",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5553",
"datePublished": "2006-10-26T17:00:00.000Z",
"dateReserved": "2006-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:55:53.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2280 (GCVE-0-2005-2280)
Vulnerability from nvd – Published: 2005-07-17 04:00 – Updated: 2024-08-07 22:22
VLAI
Summary
Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2005-07-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:48.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050713 Cisco Security Agent Vulnerable to Crafted IP Attack",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml"
},
{
"name": "csa-ip-dos(21344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050713 Cisco Security Agent Vulnerable to Crafted IP Attack",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml"
},
{
"name": "csa-ip-dos(21344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050713 Cisco Security Agent Vulnerable to Crafted IP Attack",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml"
},
{
"name": "csa-ip-dos(21344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2280",
"datePublished": "2005-07-17T04:00:00.000Z",
"dateReserved": "2005-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:22:48.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1112 (GCVE-0-2004-1112)
Vulnerability from nvd – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
VLAI
Summary
The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/11659 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.ciac.org/ciac/bulletins/p-036.shtml | third-party-advisorygovernment-resourcex_refsource_CIAC |
Date Public
2004-11-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11659"
},
{
"name": "csa-buffer-protection-bypass(18037)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037"
},
{
"name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml"
},
{
"name": "P-036",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11659"
},
{
"name": "csa-buffer-protection-bypass(18037)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037"
},
{
"name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml"
},
{
"name": "P-036",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11659"
},
{
"name": "csa-buffer-protection-bypass(18037)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037"
},
{
"name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml"
},
{
"name": "P-036",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1112",
"datePublished": "2004-12-01T05:00:00.000Z",
"dateReserved": "2004-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2011-0364 (GCVE-0-2011-0364)
Vulnerability from cvelistv5 – Published: 2011-02-18 23:00 – Updated: 2024-08-06 21:51
VLAI
Summary
The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
12 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/8197 | third-party-advisoryx_refsource_SREASON |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1025088 | vdb-entryx_refsource_SECTRACK |
| http://www.zerodayinitiative.com/advisories/ZDI-11-088 | x_refsource_MISC |
| http://www.securityfocus.com/archive/1/516505/100… | mailing-listx_refsource_BUGTRAQ |
| http://securityreason.com/securityalert/8205 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/43383 | third-party-advisoryx_refsource_SECUNIA |
| http://securityreason.com/securityalert/8095 | third-party-advisoryx_refsource_SREASON |
| http://www.securityfocus.com/bid/46420 | vdb-entryx_refsource_BID |
| http://www.vupen.com/english/advisories/2011/0424 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/43393 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2011-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:51:08.538Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "8197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8197"
},
{
"name": "20110216 Management Center for Cisco Security Agent Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
},
{
"name": "1025088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1025088"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
},
{
"name": "20110217 ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
},
{
"name": "8205",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8205"
},
{
"name": "43383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43383"
},
{
"name": "8095",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/8095"
},
{
"name": "46420",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/46420"
},
{
"name": "ADV-2011-0424",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2011/0424"
},
{
"name": "43393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/43393"
},
{
"name": "cisco-security-webagent-file-upload(65436)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "8197",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8197"
},
{
"name": "20110216 Management Center for Cisco Security Agent Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
},
{
"name": "1025088",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1025088"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
},
{
"name": "20110217 ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
},
{
"name": "8205",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8205"
},
{
"name": "43383",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43383"
},
{
"name": "8095",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/8095"
},
{
"name": "46420",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/46420"
},
{
"name": "ADV-2011-0424",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2011/0424"
},
{
"name": "43393",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/43393"
},
{
"name": "cisco-security-webagent-file-upload(65436)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2011-0364",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "8197",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8197"
},
{
"name": "20110216 Management Center for Cisco Security Agent Remote Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml"
},
{
"name": "1025088",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1025088"
},
{
"name": "http://www.zerodayinitiative.com/advisories/ZDI-11-088",
"refsource": "MISC",
"url": "http://www.zerodayinitiative.com/advisories/ZDI-11-088"
},
{
"name": "20110217 ZDI-11-088: Cisco Security Agent Management st_upload Remote Code Execution Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/516505/100/0/threaded"
},
{
"name": "8205",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8205"
},
{
"name": "43383",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43383"
},
{
"name": "8095",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/8095"
},
{
"name": "46420",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/46420"
},
{
"name": "ADV-2011-0424",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2011/0424"
},
{
"name": "43393",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/43393"
},
{
"name": "cisco-security-webagent-file-upload(65436)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/65436"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2011-0364",
"datePublished": "2011-02-18T23:00:00.000Z",
"dateReserved": "2011-01-07T00:00:00.000Z",
"dateUpdated": "2024-08-06T21:51:08.538Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0146 (GCVE-0-2010-0146)
Vulnerability from cvelistv5 – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
VLAI
Summary
Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://osvdb.org/62443 | vdb-entryx_refsource_OSVDB |
| http://secunia.com/advisories/38619 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2010/0416 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1023606 | vdb-entryx_refsource_SECTRACK |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://www.securityfocus.com/bid/38271 | vdb-entryx_refsource_BID |
Date Public
2010-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.922Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "62443",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62443"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "cisco-sa-mgmtcenter-dir-traversal(56345)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56345"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "38271",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38271"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "62443",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62443"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "cisco-sa-mgmtcenter-dir-traversal(56345)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56345"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "38271",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38271"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0146",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "62443",
"refsource": "OSVDB",
"url": "http://osvdb.org/62443"
},
{
"name": "38619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38619"
},
{
"name": "cisco-sa-mgmtcenter-dir-traversal(56345)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56345"
},
{
"name": "ADV-2010-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "38271",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38271"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0146",
"datePublished": "2010-02-23T20:00:00.000Z",
"dateReserved": "2010-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:37:53.922Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0148 (GCVE-0-2010-0148)
Vulnerability from cvelistv5 – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
VLAI
Summary
Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets."
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1023607 | vdb-entryx_refsource_SECTRACK |
| http://secunia.com/advisories/38619 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2010/0416 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/38273 | vdb-entryx_refsource_BID |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://osvdb.org/62445 | vdb-entryx_refsource_OSVDB |
Date Public
2010-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "cisco-securityagent-tcp-dos(56347)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56347"
},
{
"name": "1023607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023607"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "38273",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38273"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "62445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62445"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via \"a series of TCP packets.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "cisco-securityagent-tcp-dos(56347)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56347"
},
{
"name": "1023607",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023607"
},
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "38273",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38273"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "62445",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62445"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0148",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via \"a series of TCP packets.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "cisco-securityagent-tcp-dos(56347)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56347"
},
{
"name": "1023607",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023607"
},
{
"name": "38619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38619"
},
{
"name": "ADV-2010-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "38273",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38273"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "62445",
"refsource": "OSVDB",
"url": "http://osvdb.org/62445"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0148",
"datePublished": "2010-02-23T20:00:00.000Z",
"dateReserved": "2010-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:37:53.899Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-0147 (GCVE-0-2010-0147)
Vulnerability from cvelistv5 – Published: 2010-02-23 20:00 – Updated: 2024-08-07 00:37
VLAI
Summary
SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/38619 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/62444 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2010/0416 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1023606 | vdb-entryx_refsource_SECTRACK |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securityfocus.com/bid/38272 | vdb-entryx_refsource_BID |
Date Public
2010-02-17 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:37:53.918Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "62444",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/62444"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "cisco-sa-mgmtcenter-sql-injection(56346)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56346"
},
{
"name": "38272",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/38272"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-02-17T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "38619",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/38619"
},
{
"name": "62444",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/62444"
},
{
"name": "ADV-2010-0416",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "cisco-sa-mgmtcenter-sql-injection(56346)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56346"
},
{
"name": "38272",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/38272"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-0147",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "38619",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38619"
},
{
"name": "62444",
"refsource": "OSVDB",
"url": "http://osvdb.org/62444"
},
{
"name": "ADV-2010-0416",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0416"
},
{
"name": "1023606",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023606"
},
{
"name": "20100217 Multiple Vulnerabilities in Cisco Security Agent",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1910d.shtml"
},
{
"name": "cisco-sa-mgmtcenter-sql-injection(56346)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/56346"
},
{
"name": "38272",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/38272"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-0147",
"datePublished": "2010-02-23T20:00:00.000Z",
"dateReserved": "2010-01-04T00:00:00.000Z",
"dateUpdated": "2024-08-07T00:37:53.918Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-5580 (GCVE-0-2007-5580)
Vulnerability from cvelistv5 – Published: 2007-12-15 01:00 – Updated: 2024-08-07 15:39
VLAI
Summary
Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
10 references
| URL | Tags |
|---|---|
| http://securityreason.com/securityalert/3425 | third-party-advisoryx_refsource_SREASON |
| http://secunia.com/advisories/27947 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/4103 | vdb-entryx_refsource_VUPEN |
| http://www.securitytracker.com/id?1019046 | vdb-entryx_refsource_SECTRACK |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://osvdb.org/39521 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/archive/1/484669/100… | mailing-listx_refsource_BUGTRAQ |
| http://tools.cisco.com/Support/BugToolKit/search/… | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/26723 | vdb-entryx_refsource_BID |
| http://www.nsfocus.com/english/homepage/research/… | x_refsource_MISC |
Date Public
2007-12-05 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:39:13.565Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "3425",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3425"
},
{
"name": "27947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27947"
},
{
"name": "ADV-2007-4103",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name": "1019046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name": "39521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/39521"
},
{
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
},
{
"name": "26723",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26723"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-12-05T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01.000Z",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "3425",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3425"
},
{
"name": "27947",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27947"
},
{
"name": "ADV-2007-4103",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name": "1019046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name": "39521",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/39521"
},
{
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
},
{
"name": "26723",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26723"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2007-5580",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in a certain driver in Cisco Security Agent 4.5.1 before 4.5.1.672, 5.0 before 5.0.0.225, 5.1 before 5.1.0.106, and 5.2 before 5.2.0.238 on Windows allows remote attackers to execute arbitrary code via a crafted SMB packet in a TCP session on port (1) 139 or (2) 445."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "3425",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3425"
},
{
"name": "27947",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27947"
},
{
"name": "ADV-2007-4103",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/4103"
},
{
"name": "1019046",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019046"
},
{
"name": "20071205 Cisco Security Agent for Windows System Driver Remote Buffer Overflow Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a008090a434.shtml"
},
{
"name": "39521",
"refsource": "OSVDB",
"url": "http://osvdb.org/39521"
},
{
"name": "20071206 NSFOCUS SA2007-02 : Cisco Security Agent Remote Buffer Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/484669/100/100/threaded"
},
{
"name": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails\u0026bugId=CSCsl00618"
},
{
"name": "26723",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26723"
},
{
"name": "http://www.nsfocus.com/english/homepage/research/0702.htm",
"refsource": "MISC",
"url": "http://www.nsfocus.com/english/homepage/research/0702.htm"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2007-5580",
"datePublished": "2007-12-15T01:00:00.000Z",
"dateReserved": "2007-10-19T00:00:00.000Z",
"dateUpdated": "2024-08-07T15:39:13.565Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1064 (GCVE-0-2007-1064)
Vulnerability from cvelistv5 – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://osvdb.org/33049 | vdb-entryx_refsource_OSVDB |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "33049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33049"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-help-privilege-escalation(32621)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32621"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "33049",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33049"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-help-privilege-escalation(32621)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32621"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1064",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not drop privileges when the help facility in the supplicant GUI is invoked, which allows local users to gain privileges, aka CSCsf14120."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "33049",
"refsource": "OSVDB",
"url": "http://osvdb.org/33049"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-help-privilege-escalation(32621)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32621"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1064",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1065 (GCVE-0-2007-1065)
Vulnerability from cvelistv5 – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://osvdb.org/33048 | vdb-entryx_refsource_OSVDB |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.496Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "cisco-cssc-privilege-escalation(32622)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "33048",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33048"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "cisco-cssc-privilege-escalation(32622)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "33048",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33048"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1065",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client allows local users to gain SYSTEM privileges via unspecified vectors in the supplicant, aka CSCsf15836."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "cisco-cssc-privilege-escalation(32622)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32622"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "33048",
"refsource": "OSVDB",
"url": "http://osvdb.org/33048"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1065",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.496Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1066 (GCVE-0-2007-1066)
Vulnerability from cvelistv5 – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting "a thread under ConnectionClient.exe," aka CSCsg20558.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://osvdb.org/33047 | vdb-entryx_refsource_OSVDB |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.501Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-dacl-privilege-escalation(32625)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32625"
},
{
"name": "33047",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33047"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting \"a thread under ConnectionClient.exe,\" aka CSCsg20558."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-dacl-privilege-escalation(32625)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32625"
},
{
"name": "33047",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33047"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1066",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client use an insecure default Discretionary Access Control Lists (DACL) for the connection client GUI, which allows local users to gain privileges by injecting \"a thread under ConnectionClient.exe,\" aka CSCsg20558."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-dacl-privilege-escalation(32625)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32625"
},
{
"name": "33047",
"refsource": "OSVDB",
"url": "http://osvdb.org/33047"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1066",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.501Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1067 (GCVE-0-2007-1067)
Vulnerability from cvelistv5 – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/33045 | vdb-entryx_refsource_OSVDB |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.504Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33045",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33045"
},
{
"name": "cisco-cssc-parsing-privilege-escalation(32624)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32624"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33045",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33045"
},
{
"name": "cisco-cssc-parsing-privilege-escalation(32624)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32624"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1067",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client do not properly parse commands, which allows local users to gain privileges via unspecified vectors, aka CSCsh30624."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33045",
"refsource": "OSVDB",
"url": "http://osvdb.org/33045"
},
{
"name": "cisco-cssc-parsing-privilege-escalation(32624)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32624"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1067",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.504Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2007-1068 (GCVE-0-2007-1068)
Vulnerability from cvelistv5 – Published: 2007-02-22 01:00 – Updated: 2024-08-07 12:43
VLAI
Summary
The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
8 references
| URL | Tags |
|---|---|
| http://secunia.com/advisories/24258 | third-party-advisoryx_refsource_SECUNIA |
| http://osvdb.org/33046 | vdb-entryx_refsource_OSVDB |
| http://www.vupen.com/english/advisories/2007/0690 | vdb-entryx_refsource_VUPEN |
| http://www.securityfocus.com/bid/22648 | vdb-entryx_refsource_BID |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.securitytracker.com/id?1017683 | vdb-entryx_refsource_SECTRACK |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.securitytracker.com/id?1017684 | vdb-entryx_refsource_SECTRACK |
Date Public
2007-02-21 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T12:43:22.534Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33046",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/33046"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-password-information-disclosure(32626)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32626"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-02-21T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "24258",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33046",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/33046"
},
{
"name": "ADV-2007-0690",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-password-information-disclosure(32626)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32626"
},
{
"name": "1017684",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1017684"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1068",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The (1) TTLS CHAP, (2) TTLS MSCHAP, (3) TTLS MSCHAPv2, (4) TTLS PAP, (5) MD5, (6) GTC, (7) LEAP, (8) PEAP MSCHAPv2, (9) PEAP GTC, and (10) FAST authentication methods in Cisco Secure Services Client (CSSC) 4.x, Trust Agent 1.x and 2.x, Cisco Security Agent (CSA) 5.0 and 5.1 (when a vulnerable Trust Agent has been deployed), and the Meetinghouse AEGIS SecureConnect Client store transmitted authentication credentials in plaintext log files, which allows local users to obtain sensitive information by reading these files, aka CSCsg34423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "24258",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24258"
},
{
"name": "33046",
"refsource": "OSVDB",
"url": "http://osvdb.org/33046"
},
{
"name": "ADV-2007-0690",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/0690"
},
{
"name": "22648",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/22648"
},
{
"name": "20070221 Multiple Vulnerabilities in 802.1X Supplicant",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070221-supplicant.shtml"
},
{
"name": "1017683",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017683"
},
{
"name": "cisco-cssc-password-information-disclosure(32626)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32626"
},
{
"name": "1017684",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1017684"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1068",
"datePublished": "2007-02-22T01:00:00.000Z",
"dateReserved": "2007-02-21T00:00:00.000Z",
"dateUpdated": "2024-08-07T12:43:22.534Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2006-5553 (GCVE-0-2006-5553)
Vulnerability from cvelistv5 – Published: 2006-10-26 17:00 – Updated: 2024-08-07 19:55
VLAI
Summary
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
7 references
| URL | Tags |
|---|---|
| http://securitytracker.com/id?1017118 | vdb-entryx_refsource_SECTRACK |
| http://www.securityfocus.com/bid/20737 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.osvdb.org/30055 | vdb-entryx_refsource_OSVDB |
| http://www.cisco.com/en/US/products/products_secu… | vendor-advisoryx_refsource_CISCO |
| http://www.vupen.com/english/advisories/2006/4198 | vdb-entryx_refsource_VUPEN |
| http://secunia.com/advisories/22574 | third-party-advisoryx_refsource_SECUNIA |
Date Public
2006-10-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017118",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5553",
"datePublished": "2006-10-26T17:00:00.000Z",
"dateReserved": "2006-10-26T00:00:00.000Z",
"dateUpdated": "2024-08-07T19:55:53.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2005-2280 (GCVE-0-2005-2280)
Vulnerability from cvelistv5 – Published: 2005-07-17 04:00 – Updated: 2024-08-07 22:22
VLAI
Summary
Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
Date Public
2005-07-13 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T22:22:48.742Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20050713 Cisco Security Agent Vulnerable to Crafted IP Attack",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml"
},
{
"name": "csa-ip-dos(21344)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21344"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-07-13T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20050713 Cisco Security Agent Vulnerable to Crafted IP Attack",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml"
},
{
"name": "csa-ip-dos(21344)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21344"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-2280",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Security Agent (CSA) 4.5 allows remote attackers to cause a denial of service (system crash) via a crafted IP packet."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20050713 Cisco Security Agent Vulnerable to Crafted IP Attack",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20050713-csa.shtml"
},
{
"name": "csa-ip-dos(21344)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/21344"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-2280",
"datePublished": "2005-07-17T04:00:00.000Z",
"dateReserved": "2005-07-17T00:00:00.000Z",
"dateUpdated": "2024-08-07T22:22:48.742Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1112 (GCVE-0-2004-1112)
Vulnerability from cvelistv5 – Published: 2004-12-01 05:00 – Updated: 2024-08-08 00:39
VLAI
Summary
The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/11659 | vdb-entryx_refsource_BID |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entryx_refsource_XF |
| http://www.cisco.com/warp/public/707/cisco-sa-200… | vendor-advisoryx_refsource_CISCO |
| http://www.ciac.org/ciac/bulletins/p-036.shtml | third-party-advisorygovernment-resourcex_refsource_CIAC |
Date Public
2004-11-11 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T00:39:00.752Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "11659",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/11659"
},
{
"name": "csa-buffer-protection-bypass(18037)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037"
},
{
"name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml"
},
{
"name": "P-036",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-11-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "11659",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/11659"
},
{
"name": "csa-buffer-protection-bypass(18037)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037"
},
{
"name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml"
},
{
"name": "P-036",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1112",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "11659",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/11659"
},
{
"name": "csa-buffer-protection-bypass(18037)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/18037"
},
{
"name": "20041111 Crafted Timed Attack Evades Cisco Security Agent Protections",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20041111-csa.shtml"
},
{
"name": "P-036",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/p-036.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1112",
"datePublished": "2004-12-01T05:00:00.000Z",
"dateReserved": "2004-11-30T00:00:00.000Z",
"dateUpdated": "2024-08-08T00:39:00.752Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}