Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.5
CVSSv2

CVE-2006-1961

Published: 21/04/2006 Updated: 18/10/2018
CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10
VMScore: 668
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Subscribe to User Registration Tool

Vulnerability Summary

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express prior to 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) prior to 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory.

Vulnerable Product Search on Vulmon Subscribe to Product

cisco user registration tool

cisco wireless lan solution engine 2.11

cisco wireless lan solution engine 2.3

cisco wireless lan solution engine 2.7

cisco wireless lan solution engine 2.8

cisco wireless lan solution engine 2.1

cisco wireless lan solution engine 2.13

cisco wireless lan solution engine 2.5

cisco wireless lan solution engine 2.6

cisco wireless lan solution engine 2.9

cisco wireless lan solution engine 2.10

cisco wireless lan solution engine 2.2

cisco wireless lan solution engine 2.0

cisco wireless lan solution engine 2.12

cisco wireless lan solution engine 2.4

cisco hosting solution engine 1.7.0

cisco hosting solution engine 1.7.1

cisco ethernet subscriber solution engine

cisco ciscoworks 2000 service management solution

cisco hosting solution engine 1.7

cisco hosting solution engine 1.7.2

cisco hosting solution engine 1.7.3

References

NVD-CWE-Otherhttp://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtmlhttp://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtmlhttp://securitytracker.com/id?1015965http://secunia.com/advisories/19736http://www.assurance.com.au/advisories/200604-cisco.txthttp://secunia.com/advisories/19739http://secunia.com/advisories/19741http://www.securityfocus.com/bid/17609http://www.osvdb.org/24813http://www.vupen.com/english/advisories/2006/1435http://www.vupen.com/english/advisories/2006/1434https://exchange.xforce.ibmcloud.com/vulnerabilities/25884http://www.securityfocus.com/archive/1/431371/30/5490/threadedhttp://www.securityfocus.com/archive/1/431367/30/5490/threadedhttps://nvd.nist.gov
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook