| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <545B2FAB.1040206@securify.nl> Date: Thu, 06 Nov 2014 09:22:03 +0100 From: "Securify B.V." <lists@...urify.nl> To: fulldisclosure@...lists.org Subject: [FD] Cisco RV Series multiple vulnerabilities ------------------------------------------------------------------------ Cisco RV Series multiple vulnerabilities ------------------------------------------------------------------------ Yorick Koster, June 2013 ------------------------------------------------------------------------ Abstract ------------------------------------------------------------------------ Multiple vulnerabilities have been found in Cisco RV Series devices that allows an attacker to overwrite/create arbitrary files, execute arbitrary commands, and execute Cross-Site Request Forgery attacks. ------------------------------------------------------------------------ Affected versions ------------------------------------------------------------------------ These following Cisco RV Series devices are affected by these issues: - Cisco RV120W Wireless-N VPN Firewall running firmware prior to 1.0.5.9 - Cisco RV180 VPN Router and Cisco RV180W Wireless-N Multifunction VPN Router running firmware versions prior to 1.0.4.14 - Cisco RV220W Wireless Network Security Firewall running any currently available release ------------------------------------------------------------------------ Fix ------------------------------------------------------------------------ Please consult Cisco advisory cisco-sa-20141105-rv [4] for fix information. ------------------------------------------------------------------------ Details ------------------------------------------------------------------------ https://www.securify.nl/advisory/SFY20130601/cisco_rv_series_multiple_vulnerabilities.html ------------------------------------------------------------------------ References ------------------------------------------------------------------------ [1] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2177 [2] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2178 [3] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-2179 [4] http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141105-rv _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Powered by blists - more mailing lists