funsec mailing list archives
Cisco Vulnerabilities in IOS XR MPLS, WLSE Appliance
From: "Fergie" <fergdawg () netzero net>
Date: Wed, 19 Apr 2006 16:24:50 GMT
Via Cisco: [snip] Cisco IOS XR MPLS Vulnerabilities http://www.cisco.com/en/US/products/ps5763/products_security_advisory09186a008066733f.shtml Multiple Multi Protocol Label Switching (MPLS) related vulnerabilities exist on Cisco IOSĀ® XR. Only systems that are running Cisco IOS XR and configured for MPLS are affected by these vulnerabilities. Upon successful exploitation a Modular Services Card (MSC) on a Cisco Carrier Routing System 1 (CRS-1) or a Line Card (LC) on a Cisco 12000 series router may reload affecting switched traffic. Multiple Vulnerabilities in the WLSE Appliance http://www.cisco.com/en/US/products/ps6305/products_security_advisory09186a0080667332.shtml There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE). The first is a cross site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system. The second is a local privilege escalation vulnerability that can be used by an attacker who already has authenticated access to the command line interface to obtain access to the underlying operating system. [snip] - ferg -- "Fergie", a.k.a. Paul Ferguson Engineering Architecture for the Internet fergdawg () netzero net or fergdawg () sbcglobal net ferg's tech blog: http://fergdawg.blogspot.com/ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Cisco Vulnerabilities in IOS XR MPLS, WLSE Appliance Fergie (Apr 19)