{ "id": "CVE-2006-1961", "sourceIdentifier": "cve@mitre.org", "published": "2006-04-21T10:02:00.000", "lastModified": "2018-10-18T16:37:23.910", "vulnStatus": "Modified", "descriptions": [ { "lang": "en", "value": "Cisco CiscoWorks Wireless LAN Solution Engine (WLSE) and WLSE Express before 2.13, Hosting Solution Engine (HSE) and User Registration Tool (URT) before 20060419, and all versions of Ethernet Subscriber Solution Engine (ESSE) and CiscoWorks2000 Service Management Solution (SMS) allow local users to gain Linux shell access via shell metacharacters in arguments to the \"show\" command in the application's command line interface (CLI), aka bug ID CSCsd21502 (WLSE), CSCsd22861 (URT), and CSCsd22859 (HSE). NOTE: other issues might be addressed by the Cisco advisory." } ], "metrics": { "cvssMetricV2": [ { "source": "nvd@nist.gov", "type": "Primary", "cvssData": { "version": "2.0", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "accessVector": "NETWORK", "accessComplexity": "LOW", "authentication": "NONE", "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "baseScore": 7.5 }, "baseSeverity": "HIGH", "exploitabilityScore": 10.0, "impactScore": 6.4, "acInsufInfo": false, "obtainAllPrivilege": false, "obtainUserPrivilege": false, "obtainOtherPrivilege": true, "userInteractionRequired": false } ] }, "weaknesses": [ { "source": "nvd@nist.gov", "type": "Primary", "description": [ { "lang": "en", "value": "NVD-CWE-Other" } ] } ], "configurations": [ { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:user_registration_tool:*:*:*:*:*:*:*:*", "matchCriteriaId": "441C9430-C57D-48F5-8C6F-B64759ED5777" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.0:*:*:*:*:*:*:*", "matchCriteriaId": "5E89560E-5A06-44F5-82AB-AEB9AD7B97DD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.0:*:express:*:*:*:*:*", "matchCriteriaId": "FBF2B953-773A-4E47-9EEA-4826354650EE" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.1:*:*:*:*:*:*:*", "matchCriteriaId": "D54C89F2-D5F5-412D-85C6-1CD76E03BE26" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.1:*:express:*:*:*:*:*", "matchCriteriaId": "2AA97244-E7A9-49A2-9414-E5860AF3611D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E013901C-1B1E-4839-867B-D647A996BF60" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.2:*:express:*:*:*:*:*", "matchCriteriaId": "055B35BB-602A-4C26-A0D4-6614D1B09A97" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.3:*:*:*:*:*:*:*", "matchCriteriaId": "B228B395-6964-449D-9B09-D7BFE31E9851" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.3:*:express:*:*:*:*:*", "matchCriteriaId": "D5344233-E08D-4066-86CD-D9D9B84B039D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.4:*:*:*:*:*:*:*", "matchCriteriaId": "25B36A82-33BE-4BA4-9B4A-36D685607A4C" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.4:*:express:*:*:*:*:*", "matchCriteriaId": "337C5C2C-2A2C-4C94-9DBF-2BB795BEEF1A" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.5:*:*:*:*:*:*:*", "matchCriteriaId": "C3D72DCA-130D-4507-BDAC-A6183D08BC2E" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.5:*:express:*:*:*:*:*", "matchCriteriaId": "6AAF32A3-4D70-4E1A-9FBE-A465F3910B57" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.6:*:*:*:*:*:*:*", "matchCriteriaId": "87C22C0D-2E74-44B8-BAF1-FACBE7B7A497" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.6:*:express:*:*:*:*:*", "matchCriteriaId": "5BD43E20-9E43-46FB-952A-EE181D87F116" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.7:*:*:*:*:*:*:*", "matchCriteriaId": "4BB965A0-7FB2-4DF7-82C8-D0AB4E8AE4CA" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.7:*:express:*:*:*:*:*", "matchCriteriaId": "0A5BDD7D-7321-4061-9E43-3DB613768945" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.8:*:*:*:*:*:*:*", "matchCriteriaId": "B6C66F51-37FC-4CEF-A532-17522EE32BAD" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.8:*:express:*:*:*:*:*", "matchCriteriaId": "F6EA38AC-8E50-45FF-8F17-C679E165269D" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.9:*:*:*:*:*:*:*", "matchCriteriaId": "0F560405-DD99-4D09-9D9B-19F88A63C689" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.9:*:express:*:*:*:*:*", "matchCriteriaId": "27C389A3-27DC-4EAB-A08C-60BF1774351B" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.10:*:*:*:*:*:*:*", "matchCriteriaId": "BBBAC34E-4572-48D2-B7B5-5AB623A35A42" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.10:*:express:*:*:*:*:*", "matchCriteriaId": "35CFCBC7-68A8-407D-9983-FBA414318880" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.11:*:*:*:*:*:*:*", "matchCriteriaId": "1CA72C62-7004-4A5C-BEA5-5ACA55279366" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.11:*:express:*:*:*:*:*", "matchCriteriaId": "0C6865FB-479A-41F0-89ED-BF02E80D9FDB" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.12:*:*:*:*:*:*:*", "matchCriteriaId": "6ADEEA82-4371-4D25-8CEB-F6F8B32ED9F4" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.12:*:express:*:*:*:*:*", "matchCriteriaId": "BF202456-0666-4DBB-8918-B30B83850201" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.13:*:*:*:*:*:*:*", "matchCriteriaId": "FC9515C2-5549-4EBC-8FF1-8C75E92794D2" }, { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:wireless_lan_solution_engine:2.13:*:express:*:*:*:*:*", "matchCriteriaId": "3D994D17-087E-450B-A5DE-F56949717C6C" } ] } ] }, { "nodes": [ { "operator": "OR", "negate": false, "cpeMatch": [ { "vulnerable": true, "criteria": "cpe:2.3:a:cisco:ciscoworks_2000_service_management_solution:*:*:*:*:*:*:*:*", "matchCriteriaId": "10CAB6F5-563C-4E8A-B769-45B1981BADF5" }, { "vulnerable": true, "criteria": "cpe:2.3:h:cisco:hosting_solution_engine:1.7:*:*:*:*:*:*:*", "matchCriteriaId": "9405E712-6682-4DCE-AA18-311A2D6AA958" }, { "vulnerable": true, "criteria": "cpe:2.3:h:cisco:hosting_solution_engine:1.7.0:*:*:*:*:*:*:*", "matchCriteriaId": "EDA1DA2E-FD49-46B1-96E0-1129B16A8DD6" }, { "vulnerable": true, "criteria": "cpe:2.3:h:cisco:hosting_solution_engine:1.7.1:*:*:*:*:*:*:*", "matchCriteriaId": "D44C3E02-A17C-48A2-8173-358570C2ACAB" }, { "vulnerable": true, "criteria": "cpe:2.3:h:cisco:hosting_solution_engine:1.7.2:*:*:*:*:*:*:*", "matchCriteriaId": "8DA04953-EBE5-482D-83F9-30F10F739C31" }, { "vulnerable": true, "criteria": "cpe:2.3:h:cisco:hosting_solution_engine:1.7.3:*:*:*:*:*:*:*", "matchCriteriaId": "ADE85A5A-2CF3-49FB-A15C-49EA56338FBB" }, { "vulnerable": true, "criteria": "cpe:2.3:o:cisco:ethernet_subscriber_solution_engine:*:*:*:*:*:*:*:*", "matchCriteriaId": "6290FDDC-8965-4045-900E-933D85511F67" } ] } ] } ], "references": [ { "url": "http://securitytracker.com/id?1015965", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.assurance.com.au/advisories/200604-cisco.txt", "source": "cve@mitre.org" }, { "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.cisco.com/warp/public/707/cisco-sr-20060419-priv.shtml", "source": "cve@mitre.org", "tags": [ "Patch" ] }, { "url": "http://www.securityfocus.com/archive/1/431367/30/5490/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/archive/1/431371/30/5490/threaded", "source": "cve@mitre.org" }, { "url": "http://www.securityfocus.com/bid/17609", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2006/1434", "source": "cve@mitre.org" }, { "url": "http://www.vupen.com/english/advisories/2006/1435", "source": "cve@mitre.org" }, { "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25884", "source": "cve@mitre.org" } ] }