Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System (CS-MARS)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Security Monitoring, Analysis and Response System CS-MARS Document ID: 70728 Advisory ID: cisco-sa-20060719-mars http://www.cisco.com/warp/public/707/cisco-sa-20060719-mars.shtml Revision 1.0...

CVE-2006-3734

Multiple unspecified vulnerabilities in the Command Line Interface CLI for Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root...

CVE-2006-3734

Cisco CS-MARS (Security Monitoring, Analysis and Response System) prior to version 4.2.1 contains multiple vulnerabilities in the CLI that allow local administrators to execute arbitrary commands as root. Affected component is the CLI interface; root-level privilege escalation is the impact state...

CVE-2006-3734

Multiple unspecified vulnerabilities in the Command Line Interface CLI for Cisco Security Monitoring, Analysis and Response System CS-MARS before 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root...

CVE-2006-3593

The command line interface CLI in Cisco Unified CallManager CUCM 5.01 through 5.03a allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704...

CVE-2006-3592

Unspecified vulnerability in the command line interface CLI in Cisco Unified CallManager CUCM 5.01 through 5.03a allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005...

CVE-2006-3593

The command line interface CLI in Cisco Unified CallManager CUCM 5.01 through 5.03a allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704...

CVE-2006-3593

CVE-2006-3593 affects Cisco Unified CallManager (CUCM) in versions 5.0(1) through 5.0(3a). The vulnerability enables local users to overwrite arbitrary files by redirecting a command’s output to a file or folder, described as bug CSCse31704. The connected documents confirm the affected product an...

CVE-2006-3592

Unspecified vulnerability in the command line interface CLI in Cisco Unified CallManager CUCM 5.01 through 5.03a allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005...

CVE-2006-3592

Cisco Unified CallManager (CUCM) 5.0(1)–5.0(3a) contains an unspecified CLI vulnerability (bug CSCse11005) that allows local users to execute arbitrary commands with elevated privileges via certain CLI commands. Affected component: CLI in CUCM. Root cause: unspecified vectors within the CLI comma...

Current Versions Release History

Current Versions Release History 5.1c2 30-Jun-06 Valid Core License Keys: issued between 01-Jun-2004 and 31-Oct-2004, or on or after 01-Jun-2005. Admin: Lawful Intercept for Signals is implemented. WSSP: now all string prefixes HTML, JAVASCRIPT, etc. support numeric data. XIMSS: the Signal...

FreeBSD : PHP -- multiple vulnerabilities (6821a2db-4ab7-11da-932d-00055d790c25)

A Secunia Advisory reports : Some vulnerabilities have been reported in PHP, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and potentially compromise a vulnerable system. %NASLMINLEVEL 70300 C Tenable Network Security, In...

CVE-2006-2043

CVE-2006-2043 affects IP3 Networks NetAccess NA75 with the na-img-4.0.34.bin image; backtick characters in the appliance CLI enable local users to gain Unix shell access, indicating a command-injection-style vulnerability in the CLI parsing. No remediation details are provided in the supplied doc...

Command injection

Cisco CiscoWorks Wireless LAN Solution Engine WLSE and WLSE Express before 2.13, Hosting Solution Engine HSE and User Registration Tool URT before 20060419, and all versions of Ethernet Subscriber Solution Engine ESSE and CiscoWorks2000 Service Management Solution SMS allow local users to gain...

CVE-2006-1961

CiscoWorks WLSE/WLSE Express <2.13, HSE and URT

CVE-2006-0531

Unspecified vulnerability in Sun Java System Access Manager 7.0 allows local users logged in as "root" to bypass authentication and gain top-level administrator privileges via the amadmin CLI tool...

CVE-2006-0531

CVE-2006-0531 affects Sun Java System Access Manager 7.0. The vulnerability allows local users logged in as root to bypass authentication and gain top-level administrator privileges via the amadmin CLI. Remediation referenced in connected documents includes Sun patches 120954-12 and 120955-12 for...

Nortel/Bay Networks/Xylogics Annex Default Password (Telnet)

The remote terminal server has the default password set. SPDX-FileCopyrightText: 2003 Douglas Minderhout Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2005-2681

Unspecified vulnerability in the command line processing CLI logic in Cisco Intrusion Prevention System 5.01 and 5.02 allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors...

CVE-2005-2681

Unspecified vulnerability in the command line processing CLI logic in Cisco Intrusion Prevention System 5.01 and 5.02 allows local users with OPERATOR or VIEWER privileges to gain additional privileges via unknown vectors...