Wednesday, April 19, 2006

Cisco Vulnerabilities in IOS XR MPLS, WLSE Appliance

Cisco IOS XR MPLS Vulnerabilities

Multiple Multi Protocol Label Switching (MPLS) related vulnerabilities exist on Cisco IOSĀ® XR. Only systems that are running Cisco IOS XR and configured for MPLS are affected by these vulnerabilities.

Upon successful exploitation a Modular Services Card (MSC) on a Cisco Carrier Routing System 1 (CRS-1) or a Line Card (LC) on a Cisco 12000 series router may reload affecting switched traffic.

Multiple Vulnerabilities in the WLSE Appliance

There are two vulnerabilities that exist in the CiscoWorks Wireless LAN Solution Engine (WLSE). The first is a cross site scripting (XSS) vulnerability that may allow an attacker to gain administrative privileges on the system. The second is a local privilege escalation vulnerability that can be used by an attacker who already has authenticated access to the command line interface to obtain access to the underlying operating system.


Post a Comment

<< Home