Phone: | 980-254-6961 |
Website: | http://www.blaynedreier.com |
Email: | [email protected] |
Software, Hardware, and Corporate Network Security Assessment, Penetration Testing, Vulnerability Assessment, Threat Modeling, Risk Analysis, Infrastructure Automation, ISO 27k Preparation and Implementation, Burp Suite, TCP/IP, Python, Ansible, HAProxy, nginx, AWS, Mesos, Marathon, HDFS, ZooKeeper, Chronos, IOS, Cisco Routers/Switches/Firewalls (ASA), DDoS, IDS/IPS, Java, C, C++, PHP, HTML, Javascript, XML, Linux, MacOS (OSX), Windows, SQL, Wireshark, OWASP, VirtualBox, VMware VSphere ESX/ESXi
CVE-2014-0667
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0667
The RMI interface in Cisco Secure Access Control System (ACS) does not properly enforce authorization requirements, which allows remote authenticated users to read arbitrary files via a request to this interface, aka Bug ID CSCud75169.
CVE-2014-0656
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0656
Cisco Context Directory Agent (CDA) allows remote authenticated users to trigger the omission of certain user-interface data via crafted field values, aka Bug ID CSCuj45353.
CVE-2014-0655
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0655
The Identity Firewall (IDFW) functionality in Cisco Adaptive Security Appliance (ASA) Software allows remote attackers to change the user-cache contents via a replay attack involving crafted RADIUS Change of Authorization (CoA) messages, aka Bug ID CSCuj45332.
CVE-2014-0654
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0654
Cisco Context Directory Agent (CDA) allows remote attackers to modify the cache via a replay attack involving crafted RADIUS accounting messages, aka Bug ID CSCuj45383.
CVE-2014-0652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0652
Cross-site scripting (XSS) vulnerability in the Mappings page in Cisco Context Directory Agent (CDA) allows remote attackers to inject arbitrary web script via a crafted URL, aka Bug ID CSCuj45358.
CVE-2014-0651
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0651
The administrative interface in Cisco Context Directory Agent (CDA) does not properly enforce authorization requirements, which allows remote authenticated users to obtain administrative access by hijacking a session, aka Bug ID CSCuj45347.
CVE-2014-0649
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0649
The RMI interface in Cisco Secure Access Control System (ACS) 5.x before 5.5 does not properly enforce authorization requirements, which allows remote authenticated users to obtain superadmin access via a request to this interface, aka Bug ID CSCud75180.
CVE-2013-5541
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5541
Cross-site scripting (XSS) vulnerability in the file-upload interface in Cisco Identity Services Engine (ISE) allows remote authenticated users to inject arbitrary web script or HTML via a crafted filename, aka Bug ID CSCui67495.
CVE-2013-5540
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5540
The file-upload feature in Cisco Identity Services Engine (ISE) allows remote authenticated users to cause a denial of service (disk consumption and administration-interface outage) by uploading many files, aka Bug ID CSCui67519.
CVE-2013-5539
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5539
The upload-dialog implementation in Cisco Identity Services Engine (ISE) allows remote authenticated users to upload files with an arbitrary file type, and consequently conduct attacks against unspecified other systems, via a crafted file, aka Bug ID CSCui67511.
CVE-2013-5538
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5538
The Sponsor Portal in Cisco Identity Services Engine (ISE) uses weak permissions for uploaded files, which allows remote attackers to read arbitrary files via a direct request, aka Bug ID CSCui67506.
CVE-2012-5736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5736
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
CVE-2012-5035
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5035
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
Dynamic second factor authentication for cookie-based authentication
Issued
https://patents.google.com/patent/US10158487B2
Method and system for delegating administrative control across domains
Issued
https://patents.google.com/patent/US20150128264
Method and apparatus for identifying a physical link interconnecting network devices
Issued
https://patents.google.com/patent/US8675496
Automatic correlation of dynamic system events within computing devices
Issued
https://patents.google.com/patent/US20140172919
Kinetic event detection in microphones
Issued
https://www.google.com/patents/US20140270275
Visualization of Question and Related Informational Item Data
https://patents.google.com/patent/US20140146051
Visualizing a network connection's overall health and providing actionable information
Published
http://ip.com/IPCOM/000223070
Method for detection and indication of audio stream degradation in Voice over IP telecommunication sessions
Published
http://ip.com/IPCOM/000239553
Public documentation
Applying different IPS policies to specific flows with the AIP-SSM
https://supportforums.cisco.com/blog/149951/applying-different-ips-policies-specific-flows-aip-ssm
Cut-Through and Direct ASA Authentication
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113363-asa-cut-through-config-00.html
Forum participation
https://supportforums.cisco.com/users/cdreier
TAC Security Podcast
https://supportforums.cisco.com/document/48396/tac-security-podcast-show-information-and-episode-listing
Cisco IPS Software
https://supportforums.cisco.com/video/11927661/cisco-ips-software
TAC IPS Media Series
https://supportforums.cisco.com/document/48896/tac-ips-media-series-show-information-and-episode-listing
3 days
50
/
Have a Resumonk account with email and password login?