Security Bytes: Cisco and Metasploit fix flaws

Cisco patches CS-MARS flaws and Metasploit creator H.D. Moore warns of a serious Internet Explorer flaw

SearchSecurity.com Staff

Published: 20 Jul 2006 1:00

Cisco patches CS-MARS flaws
Attackers could exploit several security holes in Cisco's Security Monitoring, Analysis and Response System (CS-MARS) to take complete control of an affected system or gain knowledge of sensitive information. A fixed version of the program is now available.

The San Jose, Calif.-based networking giant said in an advisory that version 4.2.1 of CS-MARS -- a security system that receives and analyzes event logs from various network devices and reports any security issues -- fixes the following problems:

CS-MARS uses an Oracle database to store sensitive network event and configuration data. The information contained in the database potentially includes authentication credentials for network devices, such as firewalls, routers and IPS devices, and the details of network security events, Cisco said. By default, Oracle databases contain several built-in accounts with well-known passwords and, if access can be gained to the database, the accounts could potentially be used to compromise the information stored in the database.

CS-MARS contains an installation of the JBoss Web application server. It may be possible for a remote, unauthenticated user to create a specially-crafted HTTP request that executes arbitrary shell commands on the CS-MARS appliance with the privileges of the CS-MARS administrator via the optional JBoss JMX console. Cisco said.

The CS-MARS CLI -- a restricted shell environment that allows authenticated administrators to perform system maintenance tasks -- contains several privilege escalation vulnerabilities that may allow shell commands to be executed on the underlying appliance operating system with root privileges, Cisco said.

Metasploit creator warns of serious IE flaw
Metasploit Framework creator H.D. Moore has outlined a serious vulnerability in Microsoft Internet Explorer (IE) as part of his Month of Browser Bugs campaign.

Moore has been posting at least one new browser flaw a day in his Browser Fun blog as part of the effort, which he has said will continue through the month of July. One of the latest postings for IE caught the attention of the French Security Incident Response Team (FrSIRT), which labeled the flaw critical in an advisory.

Remote attackers could exploit the flaw to crash a vulnerable browser or potentially take complete control of an affected system, FrSIRT warned. "This flaw is due to an integer overflow error in the Common Controls library 'comctl32.dll' when processing a 'WebViewFolderIcon' object with a specially crafted 'setSlice()' method, which could be exploited by attackers to cause a denial of service or execute arbitrary commands by convincing a user to visit a specially crafted Web page," FrSIRT said.

Cisco may get more unwanted attention at Black Hat
Last year's Black Hat Briefings conference in Las Vegas was dominated by the controversy caused by researcher Michael Lynn's demonstration of a Cisco router exploit. Lynn isn't scheduled as a presenter at this year's Black Hat proceedings, which take place Aug. 2 and 3, but Cisco's products may be under the microscope again.

Fifteen new exploits will be detailed at this year's conference and two of them target NAC (Network Admission Control) and VoIP vulnerabilities in products from Cisco and other vendors. Black Hat Director Jeff Moss told the IDG News Service that vulnerability researchers are shifting focus from Windows flaws to other areas like NAC and VoIP.

Black Hat and Cisco settled a lawsuit over the Lynn affair after conference organizers promised not to proliferate Lynn's findings. The IDG News Service noted that a Cisco lawsuit regarding any potential disclosures at the upcoming conference is unlikely because the exploits are related to underlying technologies used in many products, not just those produced by Cisco.

Security Bytes: Cisco and Metasploit fix flaws

Cisco patches CS-MARS flaws and Metasploit creator H.D. Moore warns of a serious Internet Explorer flaw

Read more on IT risk management

Start the conversation

0 comments

Please create a username to comment.

-ADS BY GOOGLE

SearchCIO

Don't let edge computing security concerns derail your plans

Risk-based digital identity benefits CIOs, CMOs and customers

Agile practices endure and continue to adapt

SearchSecurity

Use network traffic analysis to detect next-gen threats

Check Point: Qualcomm TrustZone flaws could be 'game over'

InfoTrax settles FTC complaint, will implement infosec program

SearchNetworking

5 common SD-WAN challenges and how to prepare for them

The top 10 network security best practices to implement today

SD-WAN explained in 15 key terms and phrases

SearchDataCenter

Understand top public cloud repatriation use cases

Microsoft quantum development turns toward hardware

Top 5 options for Linux certifications

SearchDataManagement

Redis Labs eases database management with RedisInsight

How AI could save the enterprise data catalog

With Vitess 4.0, database vendor matures cloud-native platform

Read more on IT risk management

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.