Cisco Vulnerabilities in IOS XR MPLS, WLSE Appliance

["Fergie" <fergdawg () netzero net>]

Via Cisco:

[snip]

Cisco IOS XR MPLS Vulnerabilities
http://www.cisco.com/en/US/products/ps5763/products_security_advisory09186a008066733f.shtml

Multiple Multi Protocol Label Switching (MPLS) related vulnerabilities exist on Cisco IOS® XR. Only systems that are 
running Cisco IOS XR and configured for MPLS are affected by these vulnerabilities.

Upon successful exploitation a Modular Services Card (MSC) on a Cisco Carrier Routing System 1 (CRS-1) or a Line Card 
(LC) on a Cisco 12000 series router may reload affecting switched traffic.

Multiple Vulnerabilities in the WLSE Appliance
http://www.cisco.com/en/US/products/ps6305/products_security_advisory09186a0080667332.shtml

There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE). The first is a cross 
site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system. The 
second is a local privilege escalation vulnerability that can be used by an attacker who already has authenticated 
access to the command line interface to obtain access to the underlying operating system.

[snip]

- ferg


--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg () netzero net or fergdawg () sbcglobal net
 ferg's tech blog: http://fergdawg.blogspot.com/


_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.