75 matches found
Cisco Wireless Control System multiple security vulnerabilities
Hardcoded unchangable FTP server account, privilege escalation thorugh group membership, information leaks...
Cisco Wireless Control System Privilege Escalation Vulnerability
Cisco Wireless Control System WCS versions prior to 4.0.87.0 contains a vulnerability that could allow an authenticated, remote attacker to gain escalated privileges on the affected system. This vulnerability exists due to insufficient access controls on the Cisco WCS configuration page used to...
Multiple Vulnerabilities in the Cisco Wireless Control System
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in 1 PreSearch.html and 2 PreSearch.class in Cisco Secure Access Control Server ACS, VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage...
CVE-2006-3287
Cisco Wireless Control System WCS for Linux and Windows 4.01 and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access aka bug CSCse21391...
CVE-2006-3290
HTTP server in Cisco Wireless Control System WCS for Linux and Windows before 3.251 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain usernames and directory paths via a direct URL request...
CVE-2006-3286
The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...
CVE-2006-3287
Cisco Wireless Control System WCS for Linux and Windows 4.01 and earlier uses a default administrator username "root" and password "public," which allows remote attackers to gain access aka bug CSCse21391...
CVE-2006-3286
The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...
CVE-2006-3289
Cross-site scripting XSS vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System WCS for Linux and Windows before 3.251 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL"...
CVE-2006-3286
The CVE-2006-3286 entry concerns Cisco Wireless Control System (WCS) for Linux and Windows prior to 3.2(63). The vulnerability arises from a hard-coded username and password stored in plaintext in unspecified files within the WCS database, enabling remote authenticated users to access the databas...
CVE-2006-3289
CVE-2006-3289 denotes a cross-site scripting (XSS) vulnerability in the login page of Cisco Wireless Control System (WCS) HTTP interface for Linux and Windows, affected in versions prior to 3.2(51). The issue allows remote attackers to inject arbitrary web script or HTML via vectors involving a m...
CVE-2006-3285
The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.251 uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data aka bugs CSCsd15955...
Multiple Vulnerabilities in Wireless Control System
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
[Full-disclosure] Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Multiple Vulnerabilities in Wireless Control System Advisory ID: cisco-sa-20060628-wcs http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml Revision 1.0 For Public Release 2006 June 28 1600 UTC GMT -...