Cisco Aironet 1850 Access Point Privilege Escalation Vulnerability

A vulnerability in the command-line interface CLI of the Cisco Aironet 1850 Series Access Point device could allow an authenticated, local attacker to obtain elevated privileges to the restricted shell on the device. The vulnerability is due to a lack of proper escape protections when validating...

[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Advisory ID: SYSS-2015-007 Product: Kaspersky Internet Security KIS Vendor: Kaspersky Lab ZAO Affected Versions: 15.0.2.361 Tested Versions: 15.0.2.361 Vulnerability Type: Authentication Bypass Using an Alternate Path or Channel CWE-288 Risk Level:...

Speedtest - Command Line Interface for Testing Internet Bandwidth

speedtest-cli is a command line interface for testing internet bandwidth using speedtest.net Installation pip / easyinstall pip install speedtest-cli or easyinstall speedtest-cli Github pip install git+https://github.com/sivel/speedtest-cli.git or git clone...

Citrix NetScaler ADC/NetScaler Gateway Elevation of Privilege Vulnerability

Citrix NetScaler ADCs are application delivery controllers that optimize enterprise service delivery.Citrix Access Gateway is a general purpose SSL VPN appliance. Multiple vulnerabilities exist in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway versions prior to 10.1...

CVE-2015-5538

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the 1 Command Line Interfa...

Design/Logic Flaw

Multiple unspecified vulnerabilities in Citrix NetScaler Application Delivery Controller ADC and NetScaler Gateway before 10.1 Build 132.8, 10.5 before Build 57.7, and 10.5e before Build 56.1505.e allow remote attackers to gain privileges via unknown vectors, related to the 1 Command Line Interfa...

CVE-2015-5538

Citrix NetScaler ADC/NetScaler Gateway vuln (CVE-2015-5538) allows remote attackers to gain privileges via unknown vectors, affecting NetScaler ADC/Gateway versions prior to 10.1 Build 132.8, 10.5 prior to Build 57.7, and 10.5e prior to Build 56.1505.e. Descriptions consistently cite privilege es...

The vulnerability of the microprogramming software of the Cisco TelePresence Video Communication Server allows a intruder to gain privileges of the root user.

The vulnerability of the CLI component of the Microprogramming Software for Cisco TelePresence Video Communication Server exists due to insufficient validation of input data. Exploiting this vulnerability can allow a malicious actor, operating locally, to gain root user privileges by modifying...

Cisco Application Control Engine 4700 A5 Security Bypass Vulnerability

The Cisco Application Control Engine 4700 A5 is a next-generation load balancing and application delivery solution for use in Cisco Catalyst 6500 series switches and Cisco 7600 series routers. A security vulnerability in the CLI of the Cisco ACE 4700 A5 allows an attacker to submit special files ...

Cisco TelePresence Video Communication Server Expressway Privilege Gain Vulnerability

Cisco TelePresence Video Communication Server VCS Expressway is a TelePresence video communication server from Cisco that integrates with Unified Communications and voice communication environments to provide the best possible experience for end users using a variety of communication tools. A...

Cisco TelePresence Video Communication Server Expressway Arbitrary File Injection Vulnerability

A vulnerability in the command-line interface CLI of the Cisco TelePresence Video Communication Server VCS Expressway could allow an authenticated, local attacker to inject arbitrary arguments to a script on an affected system. The vulnerability is due to insufficient input validation of content ...

The vulnerability of the Cisco UCS Central device’s centralized management system allows a perpetrator to increase their privileges to execute arbitrary code.

The vulnerability of the Cisco UCS Central device management system exists because measures are not taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to enhance their privileges to execute arbitrary code by sendi...

Cisco Nexus Device NS-OS Software Command Line Interpreter Local Elevation of Privilege Vulnerability

Nexus is Cisco's line of network switches designed for data centers. Multiple elevation of privilege vulnerabilities exist in the command line interpreter of Cisco Nexus devices with invalid parameter input filtering for the tar command, which can be exploited by an authenticated, local attacker ...

Cisco Nexus Operating System Devices Command Line Interface Local Privilege Escalation Vulnerability

A vulnerability in the Command Line Interface CLI parser of Cisco Nexus Operating System NX-OS devices could allow an authenticated, local attacker to perform a privilege escalation. The vulnerability is due to improper input validation of special characters within filenames. An attacker could...

Cisco UCS Central Software Command Line Interface Command Injection Vulnerability

Cisco UCS Central Software is a U.S. Cisco Cisco company's computing, virtualization and networking in one software platform. A security vulnerability exists in the command line interface of Cisco UCS Central Software. An authenticated, local attacker can exploit this vulnerability to inject...

Cisco UCS Central Software Command-Line Interface Command Injection Vulnerability

A vulnerability in the command-line interface CLI of Cisco UCS Central Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with elevated privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An...

Vulnerabilities of the CentOS operating system that allow malicious actors to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the libreport-cli-2.0.9 package of the CentOS operating system can lead to violations of confidentiality, integrity, and accessibility of protected information. Exploitation of these vulnerabilities can occur locally...

CVE-2014-3586

The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly formerly JBoss Application Server uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors...

CVE-2014-3586

The default configuration for the Command Line Interface in Red Hat Enterprise Application Platform before 6.4.0 and WildFly formerly JBoss Application Server uses weak permissions for .jboss-cli-history, which allows local users to obtain sensitive information via unspecified vectors...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 6.4.0 update

Updated packages that provide Red Hat JBoss Enterprise Application Platform 6.4.0, and fix multiple security issues, several bugs, and add various enhancements, are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security impact...