Cisco TelePresence VCS Expressway CLI Input Validation Flaw Lets Local Users Obtain Root Privileges : 8/20/2015 7:37:49 AM
This eBook shows you how to build great push messages that convert for your app. From our sponsors |
| Vulnerability Databse |
| This module replaces the description field of a feed to the page it links to (in addition, it wipes out the content:encoded field), so you can get its full text. |
Cisco TelePresence VCS Expressway CLI Input Validation Flaw Lets Local Users Obtain Root Privileges
8/20/2015 12:00:00 AM
| Cisco TelePresence VCS Expressway CLI Input Validation Flaw Lets Local Users Obtain Root Privileges |
| SecurityTracker Alert ID: 1033332 |
| SecurityTracker URL: http://securitytracker.com/id/1033332 |
| CVE Reference: CVE-2015-4327 (Links to External Site) |
| Date: Aug 19 2015 |
| Impact: Modification of system information, Root access via local system |
| Vendor Confirmed: Yes |
| Version(s): VCS Expressway X8.5.2 |
| Description: A vulnerability was reported in Cisco TelePresence VCS Expressway. A local user can obtain root privileges on the target system. A local user can exploit a flaw in the command-line interface (CLI) to write specially crafted arguments to a root owned file and then cause the file to be executed to gain root privileges on the target system. The vendor has assigned bug ID CSCuv12542 to this vulnerability. |
| Impact: A local user can obtain root privileges on the target system. |
| Solution: No solution was available at the time of this entry. The vendor's advisory is available at: http://tools.cisco.com/security/center/viewAlert.x?alertId=40518 |
| Vendor URL: tools.cisco.com/security/center/viewAlert.x?alertId=40518 (Links to External Site) |
| Cause: Input validation error |
| Underlying OS: |
| |
| Message History: None. |
You are receiving this email because you subscribed to this feed at feedmyinbox.com
If you no longer wish to receive these emails, you can unsubscribe from this feed, or manage all your subscriptions
Diberdayakan oleh Blogger.