Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability
From: psirt () cisco com
Date: Mon, 28 Feb 2011 14:20:00 +0800

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

This is the Cisco PSIRT response to an issue that was discovered and 
reported to Cisco by ZDI regarding a vulnerability in Cisco Secure 
Desktop.

The original report is available at the following link: 
http://www.zerodayinitiative.com/advisories/ZDI-11-091

We greatly appreciate the opportunity to work with researchers on 
security vulnerabilities and welcome the opportunity to review and
assist in product reports.

This vulnerability is documented in Cisco bug ID CSCti97720.

Cisco has published Intellishield alert ID 22529, which is available
at the following link:
http://tools.cisco.com/security/center/viewAlert.x?alertId=22529

Regards

Paul Oxman
PSIRT Incident Manager

poxman () cisco com
Phone: +65 6317 7418
Pager: poxman () epage cisco com
Cisco Systems, Inc. Singapore
Cisco.com - http://www.cisco.com/global/SG/ 
PGP Key: 0x6EA839A6
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (SunOS)

iFcDBQFNazz/QXnnBKKRMNARCOOTAP4nB/FF0rdDHRJoim/0np9x8X42Mz7/FCyN
J6BKiLw0HwD+Ohbh6qBXM1PjO3b1IRUWXm8FGZ3H+4pCPPqLj383hQg=
=kzKR
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • Re: ZDI-11-091: (0day) Cisco Secure Desktop CSDWebInstaller Remote Code Execution Vulnerability psirt (Feb 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]