{"id":385,"date":"2014-01-26T11:06:26","date_gmt":"2014-01-26T10:06:26","guid":{"rendered":"http:\/\/www.yanael.com\/?p=385"},"modified":"2014-01-26T11:06:26","modified_gmt":"2014-01-26T10:06:26","slug":"failles-de-securite-critique-cisco-secure-access","status":"publish","type":"post","link":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/","title":{"rendered":"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access"},"content":{"rendered":"<h2>Vuln\u00e9rabilit\u00e9 critique<\/h2>\n<p>C&#8217;est le 15\/01\/2014 que lors d&#8217;une maquette, les experts Cisco se sont aper\u00e7us d&#8217;une faille critique. Elle permet notamment d&#8217;acc\u00e9der \u00e0 distance \u00e0 des routeurs de la marque Cisco (et sous marque, Linksys) et d&#8217;obtenir un acc\u00e8s root. (Voir la video ci dessous)<\/p>\n<p>&nbsp;<\/p>\n<p><iframe loading=\"lazy\" src=\"\/\/www.youtube.com\/embed\/cv-MbL7KFKE\" height=\"315\" width=\"560\" allowfullscreen=\"\" frameborder=\"0\"><\/iframe><\/p>\n<p>&nbsp;<\/p>\n<p>Les connexions securis\u00e9es, vpn, radius sont impact\u00e9es en dessous du Secure Access Control Ssystem 5.5, il est fortement conseill\u00e9 de patcher et de fermer les ports 2020 et 2030 ainsi que de &#8220;dropper&#8221; les paquets gr\u00e2ce a un firewall pour \u00e9viter au maximum le risque.<\/p>\n<p><span style=\"text-decoration: underline;\"><em>En r\u00e9alit\u00e9 il s&#8217;agit de 3 vuln\u00e9rabilit\u00e9s :<\/em><\/span><\/p>\n<p><a title=\"CVE-2014-0649\" href=\"http:\/\/www.cvedetails.com\/cve\/CVE-2014-0649\/\" target=\"_blank\" rel=\"nofollow\" >CVE-2014-0649<\/a> qui permet l&#8217;\u00e9l\u00e9vation de privil\u00e8ges<\/p>\n<p><a title=\"CVE-2014-0648\" href=\"http:\/\/www.cvedetails.com\/cve\/CVE-2014-0648\/\" target=\"_blank\" rel=\"nofollow\" >CVE-2014-0648<\/a> faiblesse de l&#8217;authentification utilisateur<\/p>\n<p><a title=\"CVE-2014-0650\" href=\"http:\/\/www.cvedetails.com\/cve\/CVE-2014-0650\/\" target=\"_blank\" rel=\"nofollow\" >CVE-2014-0650<\/a> commande d&#8217;injection syst\u00e8me<\/p>\n<p>Le patch pour les fous n&#8217;ayant pas d\u00e9j\u00e0 patcher, c&#8217;est <a title=\"Patch Cisco\" href=\"http:\/\/tools.cisco.com\/security\/center\/content\/CiscoSecurityAdvisory\/cisco-sa-20140115-csacs\" target=\"_blank\" rel=\"nofollow\" class=\"broken_link\">ici<\/a><\/p>\n<p>N&#8217;oubliez pas que la s\u00e9curit\u00e9 informatique commence par l&#8217;information et la veille. <a title=\"CERT\" href=\"http:\/\/www.cert.ssi.gouv.fr\/site\/2014index.html\" target=\"_blank\" rel=\"nofollow\" class=\"broken_link\">A visiter tous les jours pour v\u00e9rifier les publications de failles et leurs seuils de criticit\u00e9<\/a><\/p>\n<p><a title=\"Source\" href=\"http:\/\/www.theregister.co.uk\/2014\/01\/20\/java_bug_burns_borg\/\" target=\"_blank\" rel=\"nofollow\" >Source<\/a><\/p>\n<p>&nbsp;<\/p>\n <!-- Easy AdSense Lite: WP is not in the loop.  -->\n","protected":false},"excerpt":{"rendered":"<p>Vuln\u00e9rabilit\u00e9 critique C&#8217;est le 15\/01\/2014 que lors d&#8217;une maquette, les experts Cisco se sont aper\u00e7us d&#8217;une faille critique. Elle permet notamment d&#8217;acc\u00e9der \u00e0 distance \u00e0 des routeurs de la marque Cisco (et sous marque, Linksys) et d&#8217;obtenir un acc\u00e8s root. (Voir la video ci dessous) &nbsp; &nbsp; Les connexions securis\u00e9es, vpn, radius sont impact\u00e9es en [&hellip;]<\/p>\n","protected":false},"author":6,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"ngg_post_thumbnail":0},"categories":[4,32],"tags":[237,232,234,72,169,233,235,236,304,106],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.6 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Failles de s\u00e9curit\u00e9 critique CISCO Secure Access | Tranches de Veek<\/title>\n<meta name=\"description\" content=\"Vuln\u00e9rabilit\u00e9 critique C&#039;est le 15\/01\/2014 que lors d&#039;une maquette, les experts Cisco se sont aper\u00e7us d&#039;une faille critique. Elle permet notamment\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:title\" content=\"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access | Tranches de Veek\" \/>\n<meta name=\"twitter:description\" content=\"Vuln\u00e9rabilit\u00e9 critique C&#039;est le 15\/01\/2014 que lors d&#039;une maquette, les experts Cisco se sont aper\u00e7us d&#039;une faille critique. Elle permet notamment\" \/>\n<meta name=\"twitter:creator\" content=\"@ari0k\" \/>\n<meta name=\"twitter:site\" content=\"@ari0k\" \/>\n<meta name=\"twitter:label1\" content=\"\u00c9crit par\" \/>\n\t<meta name=\"twitter:data1\" content=\"ari0k\" \/>\n\t<meta name=\"twitter:label2\" content=\"Dur\u00e9e de lecture estim\u00e9e\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/\"},\"author\":{\"name\":\"ari0k\",\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/9e29ebede3b1978adbfcf2d0af50a879\"},\"headline\":\"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access\",\"datePublished\":\"2014-01-26T10:06:26+00:00\",\"dateModified\":\"2014-01-26T10:06:26+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/\"},\"wordCount\":176,\"publisher\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/aba6b325d853c0a1a94f3542c487c6d7\"},\"keywords\":[\"access\",\"cisco\",\"escalade\",\"exploit\",\"faille\",\"patch\",\"privil\u00e8ge\",\"root\",\"S\u00e9curit\u00e9\",\"vulnerabilite\"],\"articleSection\":[\"Informatique\",\"S\u00e9curit\u00e9\"],\"inLanguage\":\"fr-FR\"},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/\",\"url\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/\",\"name\":\"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access | Tranches de Veek\",\"isPartOf\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/#website\"},\"datePublished\":\"2014-01-26T10:06:26+00:00\",\"dateModified\":\"2014-01-26T10:06:26+00:00\",\"description\":\"Vuln\u00e9rabilit\u00e9 critique C'est le 15\/01\/2014 que lors d'une maquette, les experts Cisco se sont aper\u00e7us d'une faille critique. Elle permet notamment\",\"breadcrumb\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/#breadcrumb\"},\"inLanguage\":\"fr-FR\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Accueil\",\"item\":\"http:\/\/www.yanael.com\/wp\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/www.yanael.com\/wp\/#website\",\"url\":\"http:\/\/www.yanael.com\/wp\/\",\"name\":\"Tranches de Veek\",\"description\":\"404 - C&#039;est comme la vie, mais en plus Geek !\",\"publisher\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/aba6b325d853c0a1a94f3542c487c6d7\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/www.yanael.com\/wp\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"fr-FR\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/aba6b325d853c0a1a94f3542c487c6d7\",\"name\":\"ari0k\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/2.gravatar.com\/avatar\/8ce11527add5c4c8a0afb43e6cf75917?s=96&d=retro&r=g\",\"contentUrl\":\"http:\/\/2.gravatar.com\/avatar\/8ce11527add5c4c8a0afb43e6cf75917?s=96&d=retro&r=g\",\"caption\":\"ari0k\"},\"logo\":{\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/image\/\"},\"sameAs\":[\"http:\/\/www.yanael.com\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/9e29ebede3b1978adbfcf2d0af50a879\",\"name\":\"ari0k\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"fr-FR\",\"@id\":\"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/2.gravatar.com\/avatar\/2c51ca3338c41882e80fc5a17ad72e9b?s=96&d=retro&r=g\",\"contentUrl\":\"http:\/\/2.gravatar.com\/avatar\/2c51ca3338c41882e80fc5a17ad72e9b?s=96&d=retro&r=g\",\"caption\":\"ari0k\"},\"sameAs\":[\"http:\/\/yanael.com\",\"tranches.de.veek\",\"https:\/\/twitter.com\/ari0k\"],\"url\":\"http:\/\/www.yanael.com\/wp\/author\/ari0k\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access | Tranches de Veek","description":"Vuln\u00e9rabilit\u00e9 critique C'est le 15\/01\/2014 que lors d'une maquette, les experts Cisco se sont aper\u00e7us d'une faille critique. Elle permet notamment","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/","twitter_card":"summary_large_image","twitter_title":"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access | Tranches de Veek","twitter_description":"Vuln\u00e9rabilit\u00e9 critique C'est le 15\/01\/2014 que lors d'une maquette, les experts Cisco se sont aper\u00e7us d'une faille critique. Elle permet notamment","twitter_creator":"@ari0k","twitter_site":"@ari0k","twitter_misc":{"\u00c9crit par":"ari0k","Dur\u00e9e de lecture estim\u00e9e":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/#article","isPartOf":{"@id":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/"},"author":{"name":"ari0k","@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/9e29ebede3b1978adbfcf2d0af50a879"},"headline":"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access","datePublished":"2014-01-26T10:06:26+00:00","dateModified":"2014-01-26T10:06:26+00:00","mainEntityOfPage":{"@id":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/"},"wordCount":176,"publisher":{"@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/aba6b325d853c0a1a94f3542c487c6d7"},"keywords":["access","cisco","escalade","exploit","faille","patch","privil\u00e8ge","root","S\u00e9curit\u00e9","vulnerabilite"],"articleSection":["Informatique","S\u00e9curit\u00e9"],"inLanguage":"fr-FR"},{"@type":"WebPage","@id":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/","url":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/","name":"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access | Tranches de Veek","isPartOf":{"@id":"http:\/\/www.yanael.com\/wp\/#website"},"datePublished":"2014-01-26T10:06:26+00:00","dateModified":"2014-01-26T10:06:26+00:00","description":"Vuln\u00e9rabilit\u00e9 critique C'est le 15\/01\/2014 que lors d'une maquette, les experts Cisco se sont aper\u00e7us d'une faille critique. Elle permet notamment","breadcrumb":{"@id":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/#breadcrumb"},"inLanguage":"fr-FR","potentialAction":[{"@type":"ReadAction","target":["http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/www.yanael.com\/wp\/failles-de-securite-critique-cisco-secure-access-385\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Accueil","item":"http:\/\/www.yanael.com\/wp\/"},{"@type":"ListItem","position":2,"name":"Failles de s\u00e9curit\u00e9 critique CISCO Secure Access"}]},{"@type":"WebSite","@id":"http:\/\/www.yanael.com\/wp\/#website","url":"http:\/\/www.yanael.com\/wp\/","name":"Tranches de Veek","description":"404 - C&#039;est comme la vie, mais en plus Geek !","publisher":{"@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/aba6b325d853c0a1a94f3542c487c6d7"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/www.yanael.com\/wp\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"fr-FR"},{"@type":["Person","Organization"],"@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/aba6b325d853c0a1a94f3542c487c6d7","name":"ari0k","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/image\/","url":"http:\/\/2.gravatar.com\/avatar\/8ce11527add5c4c8a0afb43e6cf75917?s=96&d=retro&r=g","contentUrl":"http:\/\/2.gravatar.com\/avatar\/8ce11527add5c4c8a0afb43e6cf75917?s=96&d=retro&r=g","caption":"ari0k"},"logo":{"@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/image\/"},"sameAs":["http:\/\/www.yanael.com"]},{"@type":"Person","@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/9e29ebede3b1978adbfcf2d0af50a879","name":"ari0k","image":{"@type":"ImageObject","inLanguage":"fr-FR","@id":"http:\/\/www.yanael.com\/wp\/#\/schema\/person\/image\/","url":"http:\/\/2.gravatar.com\/avatar\/2c51ca3338c41882e80fc5a17ad72e9b?s=96&d=retro&r=g","contentUrl":"http:\/\/2.gravatar.com\/avatar\/2c51ca3338c41882e80fc5a17ad72e9b?s=96&d=retro&r=g","caption":"ari0k"},"sameAs":["http:\/\/yanael.com","tranches.de.veek","https:\/\/twitter.com\/ari0k"],"url":"http:\/\/www.yanael.com\/wp\/author\/ari0k\/"}]}},"_links":{"self":[{"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/posts\/385"}],"collection":[{"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/users\/6"}],"replies":[{"embeddable":true,"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/comments?post=385"}],"version-history":[{"count":0,"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/posts\/385\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/media?parent=385"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/categories?post=385"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.yanael.com\/wp\/wp-json\/wp\/v2\/tags?post=385"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}