Computer Security

Cisco Security Agent multiple security vulnerabilities
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



Cisco Security Agent multiple security vulnerabilities
Published:22.02.2010
Source:BUGTRAQ
SecurityVulns ID:10638
Type:remote
Level:6/10
Description:Directpry traversal, SQL injection, DoS.
Affected:CISCO : Cisco Security Agent 5.1
 CISCO : Cisco Security Agent 5.2
 CISCO : Cisco Security Agent 6.0
CVE:CVE-2010-0148 (Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allows remote attackers to cause a denial of service (kernel panic) via "a series of TCP packets.")
 CVE-2010-0147 (SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117, 5.2 before 5.2.0.296, and 6.0 before 6.0.1.132 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.)
 CVE-2010-0146 (Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remote authenticated users to read arbitrary files via unspecified vectors.)
Original documentdocumentCISCO, Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Agent (22.02.2010)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server