Cisco Application Policy Infrastructure Controller Binary Privilege Escalation Vulnerability

A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller APIC devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to incorrect installation and permissions settings for binary files when installin...

Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability

A vulnerability in the Grapevine update process of the Cisco Application Policy Infrastructure Controller Enterprise Module APIC-EM could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system with the privileges of the root user...

Cisco Firepower Management Center Remote Command Execution Vulnerability

A vulnerability in the web-based GUI of Cisco Firepower Management Center and Cisco Adaptive Security Appliance ASA 5500-X Series with FirePOWER Services could allow an authenticated, remote attacker to perform unauthorized remote command execution on the affected device. The vulnerability is due...

Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability

A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller APIC devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to the use of incorrect installation and permissions settings for binary files...

Cisco Application Policy Infrastructure Controller Binary Files Privilege Escalation Vulnerability

A vulnerability in the installation procedure for Cisco Application Policy Infrastructure Controller APIC devices could allow an authenticated, local attacker to gain root-level privileges. The vulnerability is due to the use of incorrect installation and permissions settings for binary files...

Cisco Prime Infrastructure Remote Code Execution Vulnerability (cisco-sa-20160406-remcode) - Version Check

A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability

A vulnerability in the web interface of Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager EPNM could allow an unauthenticated, remote attacker to execute arbitrary code on a targeted system. The vulnerability is due to insufficient sanitization of HTTP user-supplied input...

Cisco Cloud Services Router 1000V Command Injection Vulnerability (cisco-sa-20151130-csr)

A vulnerability in the event manager environment and publish-event function of the Cisco Cloud Services Router 1000V Series could allow an authenticated, local attacker to perform a command injection attack with root-level privileges. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptio...

Cisco Cloud Services Router 1000V Command Injection Vulnerability

A vulnerability in the event manager environment and publish-event function of the Cisco Cloud Services Router 1000V Series could allow an authenticated, local attacker to perform a command injection attack with root-level privileges. The vulnerability is due to a lack of proper input validation ...

Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability

A vulnerability in the certificate generation process in the admin web interface of the Cisco Web Security Appliance WSA could allow an authenticated, remote attacker to execute arbitrary commands on an affected system with root-level privileges. The vulnerability is due to the improper...

Cisco Prime Infrastructure Command Execution Vulnerability

A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges. The vulnerability is due to improper validation of URL requests. An attacker could exploit this vulnerability by requesting an unauthorized command...

Cisco Releases Security Advisory for Prime Infrastructure Command Execution Vulnerability

Cisco has released a security advisory to address a vulnerability in Cisco Prime Infrastructure software versions 1.2, 1.3, 1.4, and 2.0 which could allow an unauthenticated, remote attacker to execute arbitrary commands with root-level privileges. US-CERT encourages users and administrators to...

Red Hat Directory Server Accept-Language HTTP Header Parsing Buffer Overflow (CVE-2008-2928)

Red Hat Directory Server is an LDAP-based server that centralizes application settings, user profiles, group data, policies, and access control information into an operating system-independent, network-based registry. Fedora Directory Server is a free version of Red Hat Directory Server. There...

OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : SCO Internet Manager - local users can gain root level privileges.

To: [email protected] [email protected] [email protected] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SCO Security Advisory Subject: OpenServer 5.0.7 OpenServer 5.0.6 OpenServer 5.0.5 : SCO Internet Manager - local users can gain root level privileges. Advisory...