Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: Cisco MARS vulnerabilities SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cisco MARS vulnerabilities
Cisco released earlier today an advisory pointing out vulnerabilities in one of their security managment products: Cisco Security Monitoring, Analysis and Response System (CS-MARS).

  • The included Oracle database has default passwords
  • The included JBoss webserver allows remote code execution
  • A privilege escalation problem that allows administrators to gain root access to the machine
Swa Frantzen -- Section 66

760 Posts
Jul 19th 2006

Sign Up for Free or Log In to start participating in the conversation!