CVE-2006-1961

Severity

75%

Complexity

99%

Confidentiality

106%

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory.

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory.

CVSS 2.0 Base Score 7.5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P).

Overview

Type

Cisco

First reported 18 years ago

2006-04-21 10:02:00

Last updated 6 years ago

2018-10-18 16:37:00

Affected Software

Cisco User Registration Tool

Cisco Wireless LAN Solution Engine 2.0

2.0

Cisco Wireless LAN Solution Engine 2.1

2.1

Cisco Wireless LAN Solution Engine 2.2

2.2

Cisco Wireless LAN Solution Engine 2.3

2.3

Cisco Wireless LAN Solution Engine 2.4

2.4

Cisco Wireless LAN Solution Engine 2.5

2.5

Cisco Wireless LAN Solution Engine 2.6

2.6

Cisco Wireless LAN Solution Engine 2.7

2.7

Cisco Wireless LAN Solution Engine 2.8

2.8

Cisco Wireless LAN Solution Engine 2.9

2.9

Cisco Wireless LAN Solution Engine 2.10

2.10

Cisco Wireless LAN Solution Engine 2.11

2.11

Cisco Wireless LAN Solution Engine 2.12

2.12

Cisco Wireless LAN Solution Engine 2.13

2.13

Cisco CiscoWorks 2000 Service Management Solution

Cisco Hosting Solution Engine 1.7

1.7

Cisco Hosting Solution Engine 1.7.0

1.7.0

Cisco Hosting Solution Engine 1.7.1

1.7.1

Cisco Hosting Solution Engine 1.7.2

1.7.2

Cisco Hosting Solution Engine 1.7.3

1.7.3

Cisco Ethernet Subscriber Solution Engine

References

19736

Patch, Vendor Advisory

19739

19741

1015965

Patch

http://www.assurance.com.au/advisories/200604-cisco.txt

20060419 Multiple Vulnerabilities in the WLSE Appliance

Patch

20060419 Response to Privilege Escalation on Multiple Cisco Products

Patch

24813

20060419 Re: Multiple vulnerabilities in Linux based Cisco products

20060419 Multiple vulnerabilities in Linux based Cisco products

17609

ADV-2006-1434

ADV-2006-1435

cisco-wlse-shell-privilege-escalation(25884)

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.