Computer Security

Unauthorized Cisco Clean Access virus isolation solution API access
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Unauthorized Cisco Clean Access virus isolation solution API access
updated since 17.08.2005
Published:19.08.2005
Source:FULL-DISCLOSURE
SecurityVulns ID:5112
Type:local
Level:5/10
Affected:CISCO : Cisco Clean Access 3.3
 CISCO : Cisco Clean Access 3.4
 CISCO : Cisco Clean Access 3.5
CVE:CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.)
 CVE-2005-4825 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service (disk consumption), or make unauthorized files accessible, by uploading files through requests to certain JSP scripts, a related issue to CVE-2005-4332.)
 CVE-2005-4332 (Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp.)
Original documentdocumentllhansen-bugtraq_(at)_adams.edu, Cisco Clean Access Agent (Perfigo) bypass (19.08.2005)
 documentCISCO, [Full-disclosure] Cisco Security Advisory: Cisco Clean Access Unauthenticated API Access (17.08.2005)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server