[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    [Full-disclosure] Cisco Security Advisory: Authenticated Command Injection Vulnerability in Multiple
From:       Cisco Systems Product Security Incident Response Team <psirt () cisco ! com>
Date:       2013-07-31 16:01:18
Message-ID: 201307311201.10.cm () psirt ! cisco ! com
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Cisco Security Advisory: Authenticated Command Injection Vulnerability in Multiple Cisco \
Content Network and Video Delivery Products

Advisory ID: cisco-sa-20130731-cm

Revision 1.0

For Public Release 2013 July 31 16:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Multiple Cisco content network and video delivery products contain a vulnerability when they \
are configured to run in central management mode. This vulnerability could allow an \
authenticated but unprivileged, remote attacker to execute arbitrary code on the affected \
system and on the devices managed by the affected system.

Cisco has released free software updates that address this vulnerability. Workarounds that \
mitigate this vulnerability are not available. This advisory is available at the following \
link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130731-cm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.19 (Darwin)

iF4EAREKAAYFAlH5AAkACgkQUddfH3/BbTrB5wD+LzwjR/5XykM8jgZ2pvcTh+i0
w+cEK4klr2i+zpzoOckA/ilbSi5WS/lYJEdEavvjOkxNVlPsqeQ168DlbpyLbMOI
=ZTje
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


[prev in list] [next in list] [prev in thread] [next in thread]