Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 04:51:43 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1501726637&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F1007-advisories%2Fcisco-sa-20100721-spcdn.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1501726637.1338180703.1338180703.1338180703.1%3B%2B__utmz%3D32867617.1338180703.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/92050/cisco-sa-20100721-spcdn.txt http://packetstormsecurity.org/files/92050/cisco-sa-20100721-spcdn.txt http://packetstormsecurity.org/files/92050/Cisco-Security-Advisory-20100721-spcdn.html Thu, 22 Jul 2010 00:24:23 GMT Cisco Security Advisory - The Cisco Internet Streamer application, part of the Cisco Content Delivery System, contains a directory traversal vulnerability on its web server component that allows for arbitrary file access. By exploiting this vulnerability, an attacker may be able to read arbitrary files on the device, outside of the web server document directory, by using a specially crafted URL. An unauthenticated attacker may be able to exploit this issue to access sensitive information, including the password files and system logs, which could be leveraged to launch subsequent attacks. Cisco has released free software updates that address this vulnerability.