
Cisco MARS Multiple Vulnerabilities

As I mentioned last week, I’ve soured on the Cisco gang since their foolishness from last year. Now one of the very products that Cisco was trying to get me to buy into has some holes in the fabric.

Cisco Security Monitoring, Analysis and Response System (CS-MARS) software contains vulnerabilities related to third-party software and the command line interface (CLI).

* CS-MARS ships with an Oracle database. The database contains several default Oracle accounts which have well-known passwords. If access to the database is obtained, the default accounts may be used to access sensitive information contained in the database.
* CS-MARS ships with the JBoss web application server. A component of the JBoss installation may allow a remote, unauthenticated user to execute arbitrary shell commands with the privileges of the CS-MARS administrator.
* The CS-MARS CLI contains several vulnerabilities which may allow authenticated administrators to execute arbitrary shell commands with root privileges.

All vulnerabilities addressed in this advisory have been corrected in CS-MARS software version 4.2.1.

Cisco has made free software available to address these vulnerabilities for affected customers. There are no workarounds.
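The third bullet describes a familiar pattern: a restricted management CLI that exposes a handful of fixed commands and implements them by handing the operator's argument to a root-owned shell. Cisco's advisory gives no detail on how the CS-MARS CLI is built, and the code below is not Cisco's; it is an added illustration of that vulnerability class, using `echo` in place of a privileged tool and a constructed operator string as input, to show why shell-string concatenation fails and why argv-form execution plus an allow-list closes it.

```python
"""Illustration of command injection through a restricted CLI wrapper.

This is example code, not the CS-MARS implementation. 'echo' stands in
for a privileged tool (ping, tcpdump, ...) so the example is safe to run.
"""
import re
import subprocess

TOOL = "echo"

# Constructed operator input: a valid-looking host followed by an injected
# command. A real operator would type this at the restricted prompt.
INJECTED_ARG = "10.0.0.1; printf INJECTED"

# Allow-list for a hostname / IPv4 argument (assumed policy for the example).
_HOST_RE = re.compile(r"^[A-Za-z0-9.\-]{1,253}$")


def vulnerable_cli(arg: str) -> str:
    """Concatenates the argument into a shell string and runs it via /bin/sh.

    The ';' terminates the intended command and the remainder runs as a
    second command with the wrapper's privileges.
    """
    proc = subprocess.run(TOOL + " " + arg, shell=True,
                          capture_output=True, text=True)
    return proc.stdout


def argv_only_cli(arg: str) -> str:
    """Passes the argument as one argv element with no shell.

    Metacharacters are inert: the tool receives the literal string, so the
    injected text is echoed back rather than executed.
    """
    proc = subprocess.run([TOOL, arg], shell=False,
                          capture_output=True, text=True)
    return proc.stdout


def hardened_cli(arg: str) -> str:
    """argv-form execution plus an allow-list on the argument (defence in depth).

    Rejecting anything outside the expected character set also protects
    tools that parse their own arguments in surprising ways.
    """
    if not _HOST_RE.fullmatch(arg):
        raise ValueError(f"rejected argument: {arg!r}")
    return argv_only_cli(arg)


def demo() -> dict:
    """Runs all three wrappers on the constructed input and summarises the outcome."""
    try:
        hardened_cli(INJECTED_ARG)
        hardened_result = "accepted"
    except ValueError:
        hardened_result = "rejected"
    return {
        "vulnerable_executed_injection": "INJECTED" in vulnerable_cli(INJECTED_ARG),
        "argv_only_echoed_literally": argv_only_cli(INJECTED_ARG) == INJECTED_ARG + "\n",
        "hardened_result": hardened_result,
        "hardened_benign_output": hardened_cli("10.0.0.1").strip(),
    }


if __name__ == "__main__":
    print(demo())
```

The vulnerable wrapper produces two lines of output, the second written by the injected `printf`; the argv-only wrapper prints the whole operator string as one literal argument; the hardened wrapper refuses it outright and still serves the benign host.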

Article Link


Liquidmatrix Security Digest » Cisco IKE Resource Exhaustion Attack said,

    March 28, 2007 @ 10:30 am

    [...] has not been a great week or two for Cisco. And with the impending Black Hat and Defcon conferences around the corner things are just going to [...]
