Search (keywords):  SOFT ARTICLES TIPS & TRICKS SECURITY LINKS NEWS MAN DOCUMENTATION

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

From: SecuriTeam <support@securiteam.com.>
To: [email protected]
Date: 19 Dec 2005 10:25:40 +0200
Subject: [NEWS] Cisco Clean Access File Upload Authentication Bypass
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <20051219111721.A316258CA@mail.tyumen.ru.>
X-Virus-Scanned: antivirus-gw at tyumen.ru

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html 

- - - - - - - - -




  Cisco Clean Access File Upload Authentication Bypass
------------------------------------------------------------------------


SUMMARY

" <http://www.cisco.com/en/US/products/ps6128/index.html>; Cisco Clean 
Access (NAC Appliance) is an easily deployed Network Admission Control 
(NAC) solution that can automatically detect, isolate, and clean infected 
or vulnerable devices that attempt to access your network - regardless of 
the access method. "

Cisco Clean Access does not validate user authentication, allowing 
attackers to upload any file they wish to the server, and even cause a DoS 
by filling up all the storage space.

DETAILS

Vulnerable Systems:
 * Cisco Clean Access version 3.5.5

A user without a username or password can upload files to a web visible 
folder using the pages: /admin/uploadclient.jsp, apply_firmware_action.jsp 
or file.jsp. The user could also fill up the drive as it seems, aside from 
/boot, the rest of the drive is one big partition. Filling up the drive 
would most definitely cause the system to lock up in its current 
configuration.


ADDITIONAL INFORMATION

The information has been provided by  <mailto:alex@box.sk.> Alex.
The original article can be found at:  
<http://www.awarenetwork.org/forum/viewtopic.php?p=2236>; 
http://www.awarenetwork.org/forum/viewtopic.php?p=2236






This bulletin is sent to members of the SecuriTeam mailing list. 
To unsubscribe from the list, send mail with an empty subject line and body to: [email protected] 
In order to subscribe to the mailing list, simply forward this email to: [email protected] 





DISCLAIMER: 
The information in this bulletin is provided "AS IS" without warranty of any kind. 
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages. 

<< Previous INDEX Search src Set bookmark Go to bookmark Next >>

Партнёры:

Хостинг: