Cisco released earlier today an advisory pointing out vulnerabilities in one of their security managment products: Cisco Security Monitoring, Analysis and Response System (CS-MARS).

• The included Oracle database has default passwords
  
• The included JBoss webserver allows remote code execution
  
• A privilege escalation problem that allows administrators to gain root access to the machine

--
Swa Frantzen -- Section 66