SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Cisco Secure Desktop Vendors:   Cisco
Cisco Secure Desktop Cache Cleaner '.jar' File Lets Remote Users Execute Arbitrary Commands
SecurityTracker Alert ID:  1032140
SecurityTracker URL:  http://securitytracker.com/id/1032140
CVE Reference:   CVE-2015-0691   (Links to External Site)
Date:  Apr 15 2015
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in Cisco Secure Desktop. A remote user can cause arbitrary commands to be executed on the target user's system.

A remote user can create specially crafted HTML that, when loaded by the target user, will trigger a flaw in the Cisco-signed Java Archive (JAR) executable Cache Cleaner component and execute arbitrary commands on the target system. The commands will run with the privileges of the target user.

The vendor has assigned bug ID CSCup83001 to this vulnerability.

Cisco Host Scan standalone and CiscoAnyConnect Secure Mobility Client are not affected.

Jason Sinchak reported this vulnerability.

Impact:   A remote user can create a file that, when loaded by the target user, will execute arbitrary commands on the target user's system.
Solution:   The vendor has described a configuration solution in their advisory.

The vendor notes that the Cache Cleaner feature has been deprecated since November 2012.

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd

Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  Cisco Security Advisory: Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Cisco Secure Desktop Cache Cleaner Command Execution Vulnerability

Advisory ID: cisco-sa-20150415-csd

Revision 1.0

For Public Release 2015 April 15 16:00  UTC (GMT) 

+----------------------------------------------------------------------

Summary
=======
A vulnerability in a Cisco-signed Java Archive (JAR) executable Cache Cleaner component of Cisco Secure Desktop could allow an unauthenticated, remote attacker to execute arbitrary commands on the client host where the affected .jar file is executed. Command execution would occur with the privileges of the user.

The Cache Cleaner feature has been deprecated since November 2012.

There is no fixed software for this vulnerability. Cisco Secure Desktop packages that includes the affected .jar files have been removed and are not anymore available for download.

Because Cisco does not control all existing Cisco Secure Desktop packages customers are advised to ensure to ensure that their Java blacklists controls have been updated to avoid potential exploitation. Refer to the "Workarounds" section of this advisory for additional information on how to mitigate this vulnerability.

Customers using Cisco Secure Desktop should migrate to Cisco Host Scan standalone package.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150415-csd



-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.22 (Darwin)
Comment: GPGTools - https://gpgtools.org

iQIcBAEBCgAGBQJVLoBCAAoJEIpI1I6i1Mx3jqoP/3YokxHktgbCs1FMmWGpsAQy
QYUf80APQYeDDmkPNVoYgD7dgYWrohukrVtfjrM1hJ5DYFWV6LZiWSJYQy/RZbRz
2FWPJc2NoAXZZVUwk/QUFg5rBsaBJ8UW8E1+TkLjiG6fDTgq4KABfUzVBAoj7/R2
iiTuagamL5xuVEJouY+HbrKHBIxOn4FpFVOoWE/Ah1nvGOQe2U/R3Ws9wMvCCoFA
+jkSWMjody88RUxykHqkQSz7jjIKCPMQEN6zuMCD6lnbzF39HTMLNdyNf40bnDcJ
C8FakUnT0ULBiwCqdRiNoxs6g6yaaA+y9yPynTXQEOAuxu1vSQoiVvZZ+U6Rzr+7
ot3tO0CmlweY0joL9bqTLvPvf7uM2IHqrwhqmhii7NPq1BXmrKeYQSF2EJghhe3t
0+ACNmEdL/xmP71sNOKSeZnSVJU6yTfENx08LeP5vTqqOqUwSO/oK72OAfuY5CmY
X6dDP2C4AolnecYuO12r4ig69qKsopuAQxV12eq6qENu/RkTF7Sk3ToF2fOfupEJ
t6l2V1IzSVmKbix1rqBTzmnEMTe0Rg0YY1sZAN0otDZUZe61cn3iL+vKX1/ScvaU
ISE6scZ7d/F9bfcrruw1Q38UvmqrZ8ojp5hJ0EL7nixlIdN3dTmsqfK6LrT9sX4/
Iim9WdrACjZ91xLsKO0X
=E1eG
-----END PGP SIGNATURE-----
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command "unsubscribe" in the subject of your message to cust-security-announce-leave@cisco.com
 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC