Credit:
The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20100217-csa.shtml
Vulnerable Systems:
* Cisco Security Agent version 5.1
* Cisco Security Agent version 5.2
* Cisco Security Agent version 6.0
Successful exploitation of the directory traversal vulnerability may allow an authenticated attacker to view and download arbitrary files from the server hosting the Management Center. Successful exploitation of the SQL injection vulnerability may allow an authenticated attacker to execute SQL statements that can cause instability of the product or changes in the configuration.
Additionally, the Cisco Security Agent is affected by a denial of service (DoS) vulnerability. Successful exploitation of the Cisco Security Agent DoS vulnerability may cause the affected system to crash. Repeated exploitation could result in a sustained DoS condition.
The Management Center for Cisco Security Agents is affected by a directory traversal vulnerability and a SQL injection vulnerability.
Management Center for Cisco Security Agents Directory Traversal Vulnerability
The Management Center for Cisco Security Agents is affected by a directory traversal vulnerability that may allow an authenticated attacker to view and download arbitrary files from the server that is hosting the Management Center for Cisco Security Agents.
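The following is an added illustration of the vulnerability class named above, not code from Cisco or from the Management Center. It contrasts a naive path join, which lets a request containing `..` segments escape the download directory, with a canonicalize-and-contain check, and adds a small log-side detector for traversal patterns in request strings. The report directory, file names and request values are constructed for the example.

```python
"""Constructed example: resolving a user-supplied file name for download
without allowing directory traversal. The download handler and directory
layout are hypothetical; only the vulnerability class comes from the advisory."""
import os
import tempfile
from urllib.parse import unquote


def resolve_download_path_unsafe(base_dir, requested):
    """Naive join: a requested name containing '..' escapes base_dir."""
    return os.path.normpath(os.path.join(base_dir, requested))


def resolve_download_path(base_dir, requested):
    """Canonicalize both paths and refuse anything outside base_dir.

    Returns the absolute path on success, or None if the request would leave
    the allowed directory (or names the directory itself rather than a file).
    """
    base = os.path.realpath(base_dir)
    # realpath resolves '..', repeated separators and symlinks, so the
    # containment check sees the final target, not the raw request string.
    candidate = os.path.realpath(os.path.join(base, requested))
    try:
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:
        # Paths on different Windows drives cannot share a prefix.
        inside = False
    if not inside or candidate == base:
        return None
    return candidate


def is_traversal_request(requested):
    """Log-side check: flag requests carrying '..' segments or absolute paths,
    including URL-encoded and double-encoded forms seen in access logs."""
    decoded = unquote(unquote(requested))
    normalized = decoded.replace("\\", "/")
    return normalized.startswith("/") or ".." in normalized.split("/")


def demo():
    """Exercise both resolvers against a constructed report directory."""
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "reports")
        os.makedirs(base)
        with open(os.path.join(base, "audit.log"), "w") as fh:
            fh.write("constructed sample\n")
        with open(os.path.join(root, "secret.conf"), "w") as fh:
            fh.write("constructed sample\n")
        return {
            "legit": resolve_download_path(base, "audit.log") is not None,
            "traversal_blocked": resolve_download_path(base, "../secret.conf") is None,
            "unsafe_escapes": resolve_download_path_unsafe(base, "../secret.conf")
            == os.path.join(root, "secret.conf"),
        }


if __name__ == "__main__":
    print(demo())
    print(is_traversal_request("..%2F..%2Fetc%2Fpasswd"))
```

The containment check uses the resolved path rather than string inspection, so encoded or platform-specific separators are handled by the operating system before the comparison; the string detector is only a cheap triage aid for log review.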
Management Center for Cisco Security Agents SQL Injection Vulnerability
The Management Center for Cisco Security Agents is also affected by a SQL injection vulnerability that may allow an authenticated attacker to execute SQL statements that can cause the Management Center for Cisco Security Agents to become unstable or modify its configuration. These configuration changes may result in modifications to the security policies of the endpoints. Additionally, an attacker may create, delete, or modify management user accounts that are found in the Management Center for Cisco Security Agents.
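As an added example of the SQL injection class described above (not Cisco's code, and not the Management Center's schema), the block below places a query that splices user input into the SQL text beside its parameterized form, using an in-memory SQLite table of constructed management accounts. The same bound-parameter pattern is applied to a role update, with an allow-list on the role value so that configuration changes stay within values the application recognizes.

```python
"""Constructed example: string-built SQL versus bound parameters for a
management user lookup. Table, accounts and probe string are invented."""
import sqlite3

SCHEMA = """
CREATE TABLE mc_users (
    username TEXT PRIMARY KEY,
    role     TEXT NOT NULL
);
"""
# Constructed sample accounts; nothing here comes from the product.
SAMPLE_USERS = [("admin", "administrator"), ("auditor", "read-only"), ("ops", "operator")]
ALLOWED_ROLES = {"administrator", "operator", "read-only"}


def new_db():
    """Create an in-memory database populated with the sample accounts."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO mc_users VALUES (?, ?)", SAMPLE_USERS)
    return conn


def find_user_unsafe(conn, username):
    """Vulnerable pattern: the caller's string becomes part of the SQL text."""
    sql = "SELECT username, role FROM mc_users WHERE username = '%s'" % username
    return conn.execute(sql).fetchall()


def find_user(conn, username):
    """Hardened pattern: the value travels as a bound parameter, never as SQL."""
    sql = "SELECT username, role FROM mc_users WHERE username = ?"
    return conn.execute(sql, (username,)).fetchall()


def set_role(conn, username, role):
    """Parameterized update with an allow-list on the role value.

    Returns the number of rows changed (0 if the user does not exist).
    """
    if role not in ALLOWED_ROLES:
        raise ValueError("unknown role: %r" % role)
    cur = conn.execute(
        "UPDATE mc_users SET role = ? WHERE username = ?", (role, username)
    )
    conn.commit()
    return cur.rowcount


def demo():
    """Run one probe string through both lookups and one role update."""
    conn = new_db()
    probe = "nobody' OR '1'='1"  # constructed tautology probe
    return {
        "unsafe_rows": len(find_user_unsafe(conn, probe)),  # every account
        "safe_rows": len(find_user(conn, probe)),           # no such user
        "exact_match": find_user(conn, "auditor"),
        "role_update": set_role(conn, "ops", "read-only"),
    }


if __name__ == "__main__":
    print(demo())
```

With the probe value, the string-built query matches every account while the parameterized query matches none, because the driver passes the value to the database engine separately from the statement text. The allow-list on `set_role` is a second, independent control: even with bound parameters, a configuration change should only accept values the application defines.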
Cisco Security Agent Denial of Service Vulnerability
Cisco Security Agent is affected by a DoS vulnerability that could allow an unauthenticated attacker to cause a system to crash by sending a series of TCP packets.
Note: Only Cisco Security Agent release 5.2 is affected by the DoS vulnerability. The Sun Solaris version of the Cisco Security Agent is not affected by these vulnerabilities.
Successful exploitation of the directory traversal vulnerability may allow an authenticated attacker to view and download arbitrary files from the server that is hosting the Management Center for Cisco Security Agents.
Successful exploitation of the SQL injection vulnerability may allow an authenticated attacker to execute SQL statements that can cause the Management Center for Cisco Security Agents to become unstable or modify its configuration.
Successful exploitation of the Cisco Security Agent DoS vulnerability may cause the affected system to crash. Repeated exploitation could result in a sustained DoS condition.
Patch Availability:
Cisco CSA software can be downloaded from the following link:
http://tools.cisco.com/support/downloads/go/Redirect.x?mdfid=278065206
Workaround:
Additional mitigations that can be deployed on Cisco devices within the network are available in the Cisco Applied Intelligence companion document for this Advisory:
http://www.cisco.com/warp/public/707/cisco-amb-20100217-csa.shtml
CVE Information:
CVE-2010-0146
CVE-2010-0147
CVE-2010-0148
Disclosure Timeline:
Release Date: 2010-02-17