受影响系统:
Cisco FindIT Network Discovery Utility
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 101896
CVE(CAN) ID: CVE-2017-12314
Cisco FindIT Network Discovery Utility是小型企业网络发现实用程序。
Cisco FindIT Network Discovery Utility存在安全漏洞,可使经身份验证的本地攻击者执行DLL预加载攻击,影响设备可用性、机密性、完整性。此漏洞源于应用加载了恶意的DLL文件,攻击者在主机系统的搜索路径中放置受影响DLL利用此漏洞。
<*来源:Stefan Kanthak
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-findit
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20171115-findit)以及相应补丁:
cisco-sa-20171115-findit:Cisco FindIT Discovery Utility Insecure Library Loading Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-findit
受影响系统:
Cisco FindIT Network Discovery Utility
描述:
--------------------------------------------------------------------------------
BUGTRAQ ID: 101896
CVE(CAN) ID: CVE-2017-12314
Cisco FindIT Network Discovery Utility是小型企业网络发现实用程序。
Cisco FindIT Network Discovery Utility存在安全漏洞,可使经身份验证的本地攻击者执行DLL预加载攻击,影响设备可用性、机密性、完整性。此漏洞源于应用加载了恶意的DLL文件,攻击者在主机系统的搜索路径中放置受影响DLL利用此漏洞。
<*来源:Stefan Kanthak
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-findit
*>
建议:
--------------------------------------------------------------------------------
厂商补丁:
Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20171115-findit)以及相应补丁:
cisco-sa-20171115-findit:Cisco FindIT Discovery Utility Insecure Library Loading Vulnerability
链接:https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-findit
安全优佳
http://news.secwk.com
长按识别左侧二维码,关注我们
本文始发于微信公众号(安全优佳):Cisco FindIT Discovery Utility不安全库加载漏洞
- 左青龙
- 微信扫一扫
-
- 右白虎
- 微信扫一扫
-
评论