7969 matches found
CVE-2017-6773
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient...
CVE-2017-6775
Cisco StarOS on the Cisco ASR 5000 Series (StarOS 21.0.v0.65839) contains a local privilege escalation in the CLI. The flaw stems from incorrect permissions assigned to a set of users, allowing an authenticated attacker to log into the device shell and elevate privileges to admin-level by modifyi...
CVE-2017-6767
A vulnerability in Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are highe...
CVE-2017-6773
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient...
CVE-2017-6773
Cisco StarOS on ASR 5000 Series (StarOS 21.0.v0.65839) contains a local CLI input-validation vulnerability that allows an authenticated attacker to bypass CLI restrictions and run commands on the underlying OS. The issue stems from insufficient input sanitization in the CLI; an attacker could scr...
CVE-2017-6775
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to elevate their privileges to admin-level privileges. The vulnerability is due to incorrect permissions that are given to a set o...
Cisco Patches Privilege Escalation Bugs in APIC
Cisco patched two high-severity vulnerabilities in its Cisco Application Policy Infrastructure Controller APIC that could allow an attacker to elevate privileges on the host machine. The product automates and manages the APIC fabric, optimizing application performance and provisioning for physica...
Cisco Application Policy Infrastructure Controller SSH Privilege Escalation Vulnerability
A vulnerability in Cisco Application Policy Infrastructure Controller APIC could allow an authenticated, remote attacker to gain higher privileges than the account is assigned. The attacker will be granted the privileges of the last user to log in, regardless of whether those privileges are highe...
Cisco StarOS for ASR 5000 Series Routers Command-Line Interface Security Bypass Vulnerability
A vulnerability in the CLI of Cisco ASR 5000 Series Aggregated Services Routers running the Cisco StarOS operating system could allow an authenticated, local attacker to bypass the CLI restrictions and execute commands on the underlying operating system. The vulnerability is due to insufficient...
Cisco Policy Suite Privilege Escalation Vulnerability
A vulnerability in the management of shell user accounts for Cisco Policy Suite CPS Software for CPS appliances could allow an authenticated, local attacker to gain elevated privileges on an affected system. The affected privilege level is not at the root level. The vulnerability is due to...
[SECURITY] Fedora 26 Update: spatialite-tools-4.3.0-24.fc26
Spatialite-Tools is a set of useful CLI tools for SpatiaLite...
[SECURITY] Fedora 26 Update: wireshark-2.2.8-1.fc26
Metapackage with installs wireshark-cli and wireshark-qt...
NetworkManager and libnl3 security, bug fix and enhancement update
NetworkManager 1:1.8.0-9 - device: don't change MTU unless explicitly configured rh 1460760 - core: don't remove external IPv4 addresses rh 1459813 1:1.8.0-8 - cli: fix output of iface in overview output rh1460219 - ppp: unexport NMPPPManager instance on dispose rh1459579 - cli: remove spurious...
Fedora Update for openvas-cli FEDORA-2017-3fb16e3a65
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Juniper Junos CLI XML Privilege Escalation (JSA10805)
According to its self-reported version number, the remote Juniper Junos device is affected by a privilege escalation vulnerability in the CLI component due to improper validation of user-supplied input before being processed as XML content. A local attacker can exploit this, via XML injection, to...
Juniper Junos CLI Local Privilege Escalation (JSA10803)
According to its self-reported version number, the remote Juniper Junos device is affected by an unspecified buffer overflow condition in the CLI component that allows a local attacker who has read-only privileges to execute arbitrary code with root privileges. C Tenable Network Security, Inc...
Cisco Web Security Appliance Multiple Vulnerabilities
According to its self-reported version, the remote Cisco Web Security Appliance WSA device is affected by one or more vulnerabilities : - An unspecified flaw exists in the web-based interface due to improper validation of user-supplied input. An authenticated, remote attacker who has valid...
[ASA-201707-28] wireshark-cli: denial of service
Arch Linux Security Advisory ASA-201707-28 ========================================== Severity: Low Date : 2017-07-26 CVE-ID : CVE-2017-11406 CVE-2017-11407 CVE-2017-11408 CVE-2017-11410 CVE-2017-11411 Package : wireshark-cli Type : denial of service Remote : Yes Link :...
Command injection
A vulnerability in the CLI parser of the Cisco Web Security Appliance WSA could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtu...
CVE-2017-6748
A vulnerability in the CLI parser of the Cisco Web Security Appliance WSA could allow an authenticated, local attacker to perform command injection and elevate privileges to root. The attacker must authenticate with valid operator-level or administrator-level credentials. Affected Products: virtu...