On MovieTome: R2D2 was in Star Trek?
BNET Business Network:
BNET
TechRepublic
ZDNet

December 6th, 2007

Critical flaw in Cisco Security Agent for Windows

Posted by Ryan Naraine @ 1:17 pm

Categories: Botnets, Cisco, Data theft, Exploit code, Hackers, Metasploit, Microsoft, Patch Watch, Pen testing, Responsible disclosure, Viruses and Worms, Vulnerability research, Zero-day attacks

Tags: Agent, Microsoft Windows, TCP, Cisco Systems Inc., Flaw, Real Estate, Tcp/Ip, Business Operations, Networking, Ryan Naraine

Critical flaw in Cisco Security Agent for WindowsSwitching and networking vendor Cisco is warning of a critical vulnerability affecting the Cisco Security Agent for Microsoft Windows.

The flaw, which carries a CVSS rating of 10.0 (the highest possible severity score), can be exploited remotely and causes corruption of kernel memory, which leads to a Windows stop error (blue screen) or to arbitrary code execution.

[ SEE: Can you really trust your security vendor? ]

Cisco Security Agent is a security software agent that provides threat protection for server and desktop computing systems.

From Cisco’s alert:

The vulnerability is triggered when Cisco Security Agent is processing a crafted TCP segment destined to TCP port 139 or 445. These ports are used by the Microsoft Server Message Block (SMB) protocol. A TCP session needs to be established (that is, the TCP three-way handshake needs to be completed) for the vulnerability to be triggered.

All systems that are running a vulnerable version of Cisco Security Agent for Windows are affected. This includes Cisco products that integrate standalone Cisco Security Agents, such as Cisco IP Communications applications servers and the Cisco Security Manager.

Ryan NaraineRyan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.


Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

  • Talkback
  • Most Recent of 2 Talkback(s)
This doesn't surprise me
I recently tried to install a Cisco ADSL2 modem/router on my main business Internet connection. It was large, it was expensive and the software looked like it was written in the 70s and the documenta... (Read the rest)
Posted by: tonymcs@... Posted on: 12/06/07 You are currently: a Guest | | Terms of Use
The case of the security guard turning over your keys to the kingdom  georgeou | 12/06/07
This doesn't surprise me  tonymcs@... | 12/06/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement

Recent Entries

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors
advertisement

Archives

Favorite Links

ZDNet Blogs

White Papers, Webcasts, and Downloads

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here