In association with heise online

« previous | next »
22 July 2010, 17:36

Cisco's Content Delivery System discloses files

Cisco Logo Internet Streamer, a component of Cisco's Content Delivery System that handles the sharing of videos on the internet, discloses arbitrary files outside of the shared web folder to attackers. For instance, it is possible to access password and log files.

To be successful, attackers only need to confront the server component with a suitably crafted URL. Cisco closed the security hole in version 2.5.7, but all older versions are vulnerable. The vendor recommends that users update to version 2.5.9, which also contains other fixes.

(crve)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-1043869

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung Galaxy S2 i9100 16GB schwarz
  2. Crucial m4 SSD 128GB
  3. Intel Core i5-2500K
  4. TeamGroup Elite DIMM Kit 8GB PC3-10667U CL9-9-9-24 (DDR3-1333)
  5. Intel Core i7-2600K
  6. ASUS EAH6870 DC/2DI2S/1GD5
  7. ASRock Z68 Pro3
  8. Samsung Galaxy S Plus i9001 schwarz 8GB
  9. Samsung EcoGreen F4 2000GB
  10. Samsung Galaxy S i9000 schwarz 8GB

The H

The H open source

The H Security

The H Internet Toolkit