Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: Cisco MARS vulnerabilities - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco MARS vulnerabilities
Cisco released earlier today an advisory pointing out vulnerabilities in one of their security managment products: Cisco Security Monitoring, Analysis and Response System (CS-MARS).

  • The included Oracle database has default passwords
  • The included JBoss webserver allows remote code execution
  • A privilege escalation problem that allows administrators to gain root access to the machine
--
Swa Frantzen -- Section 66
Swa

760 Posts

Sign Up for Free or Log In to start participating in the conversation!