Download
| Alert*
|
CVE-2006-0181
Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.1.3 has an undocumented administrative account with a default password, which allows local users to gain privileges via the expert command. CVE-2006-3734 Multiple unspecified vulnerabilities in the Command Line Interface (CLI) for Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root. CVE-2006-3732 Cisco Security Monitoring, Analysis and Response System (CS-MARS) before 4.2.1 ships with an Oracle database that contains several default accounts and passwords, which allows attackers to obtain sensitive information. CVE-2009-2977 The Cisco Security Monitoring, Analysis and Response System (CS-MARS) 6.0.4 and earlier stores cleartext passwords in log/sysbacktrace.## files within error-logs.tar.gz archives, which allows context-dependent attackers to obtain sensitive information by reading these files. |
