In association with heise online

22 July 2010, 16:36

Cisco's Content Delivery System discloses files

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cisco Logo Internet Streamer, a component of Cisco's Content Delivery System that handles the sharing of videos on the internet, discloses arbitrary files outside of the shared web folder to attackers. For instance, it is possible to access password and log files.

To be successful, attackers only need to confront the server component with a suitably crafted URL. Cisco closed the security hole in version 2.5.7, but all older versions are vulnerable. The vendor recommends that users update to version 2.5.9, which also contains other fixes.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit