Internet Security

SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Cisco Secure Desktop Remote XSS Vulnerability
This vulnerability (CVE-2010-0440) could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has released patches to address the vulnerability as well as workaround to mitigate this risk. The Cisco alert is available here. The following versions are vulnerable: - Cisco Secure Desktop versions prior to 3.5 - Cisco ASA appliances are vulnerable only if the Cisco Secure Desktop feature has been enabled - Cisco ASA appliance versions prior to 8.2(1), 8.1(2.7), and 8.0(5) are vulnerable ----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot org	Guy 515 Posts ISC Handler Feb 2nd 2010
Thread locked Subscribe	Feb 2nd 2010 1 decade ago