Cisco MARS vulnerabilities

Published: 2006-07-19
Last Updated: 2006-07-19 23:26:29 UTC
by Swa Frantzen (Version: 1)
0 comment(s)
Cisco released earlier today an advisory pointing out vulnerabilities in one of their security managment products: Cisco Security Monitoring, Analysis and Response System (CS-MARS).

  • The included Oracle database has default passwords
  • The included JBoss webserver allows remote code execution
  • A privilege escalation problem that allows administrators to gain root access to the machine
--
Swa Frantzen -- Section 66
Keywords:
0 comment(s)
Diary Archives