CVE-2006-1961

Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the "show" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:cisco:user_registration_tool:*:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.0:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.0:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.1:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.1:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.2:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.2:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.3:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.3:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.4:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.4:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.5:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.5:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.6:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.6:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.7:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.7:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.8:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.8:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.9:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.9:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.10:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.10:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.11:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.11:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.12:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.12:*:express:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.13:*:*:*:*:*:*:*
cpe:2.3:a:cisco:wireless_lan_solution_engine:2.13:*:express:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:cisco:ciscoworks_2000_service_management_solution:*:*:*:*:*:*:*:*
cpe:2.3:h:cisco:hosting_solution_engine:1.7:*:*:*:*:*:*:*
cpe:2.3:h:cisco:hosting_solution_engine:1.7.0:*:*:*:*:*:*:*
cpe:2.3:h:cisco:hosting_solution_engine:1.7.1:*:*:*:*:*:*:*
cpe:2.3:h:cisco:hosting_solution_engine:1.7.2:*:*:*:*:*:*:*
cpe:2.3:h:cisco:hosting_solution_engine:1.7.3:*:*:*:*:*:*:*
cpe:2.3:o:cisco:ethernet_subscriber_solution_engine:*:*:*:*:*:*:*:*

History

21 Nov 2024, 00:10

Type Values Removed Values Added
References () http://secunia.com/advisories/19736 - Patch, Vendor Advisory () http://secunia.com/advisories/19736 - Patch, Vendor Advisory
References () http://secunia.com/advisories/19739 - () http://secunia.com/advisories/19739 -
References () http://secunia.com/advisories/19741 - () http://secunia.com/advisories/19741 -
References () http://securitytracker.com/id?1015965 - Patch () http://securitytracker.com/id?1015965 - Patch
References () http://www.assurance.com.au/advisories/200604-cisco.txt - () http://www.assurance.com.au/advisories/200604-cisco.txt -
References () http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml - Patch () http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml - Patch
References () http://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml - Patch () http://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml - Patch
References () http://www.osvdb.org/24813 - () http://www.osvdb.org/24813 -
References () http://www.securityfocus.com/archive/1/431367/30/5490/threaded - () http://www.securityfocus.com/archive/1/431367/30/5490/threaded -
References () http://www.securityfocus.com/archive/1/431371/30/5490/threaded - () http://www.securityfocus.com/archive/1/431371/30/5490/threaded -
References () http://www.securityfocus.com/bid/17609 - () http://www.securityfocus.com/bid/17609 -
References () http://www.vupen.com/english/advisories/2006/1434 - () http://www.vupen.com/english/advisories/2006/1434 -
References () http://www.vupen.com/english/advisories/2006/1435 - () http://www.vupen.com/english/advisories/2006/1435 -
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/25884 - () https://exchange.xforce.ibmcloud.com/vulnerabilities/25884 -

Information

Published : 2006-04-21 10:02

Updated : 2024-11-21 00:10


NVD link : CVE-2006-1961

Mitre link : CVE-2006-1961

CVE.ORG link : CVE-2006-1961


JSON object : View

Products Affected

cisco

  • ethernet_subscriber_solution_engine
  • wireless_lan_solution_engine
  • user_registration_tool
  • ciscoworks_2000_service_management_solution
  • hosting_solution_engine