Users of Cisco Unified Communications Manager please be advised of a Privilege Escalation vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
nSense-2010-003: [nSense-2010-003] Cisco Unified Communications Manager
Affected Product: Cisco Unified Communications Manager
Impact: Privilege Escalation
Technical details
---------------------------------------------------------------
Cisco Unified Communications Manager contains a setuid binary
which fails to validate command line arguments. A local user
can leverage this vulnerability to gain root access by
supplying suitable arguments to the binary.Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/evsh
No comments:
Post a Comment