Startseite ▼ Bookkeeping
Online ▼ Sicherheits
Überprüfungs ▼
Verwaltetes
DNS ▼
Info
Bestellen/Erneuern
FAQ
AUP
Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password Netzwerk
Überwachung ▼
Enterprise
Erweiterte
Standard
Gratis Test
FAQ
Preis/Funktionszusammenfassung
Bestellen
Beispiele
Konfigurieren/Status Alarm Profile | |||
Test Kennung: | 1.3.6.1.4.1.25623.1.0.106391 |
Kategorie: | CISCO |
Titel: | Cisco IOS XE Software Directory Traversal Vulnerability |
Zusammenfassung: | A vulnerability in the package unbundle utility of Cisco IOS XE Software;could allow an authenticated, local attacker to gain write access to some files in the underlying operating;system. |
Beschreibung: | Summary: A vulnerability in the package unbundle utility of Cisco IOS XE Software could allow an authenticated, local attacker to gain write access to some files in the underlying operating system. Vulnerability Insight: The vulnerability is due to insufficient validation of files submitted to the affected installation utility. An attacker could exploit this vulnerability by uploading a crafted file to an affected system and running the installation utility command. Vulnerability Impact: A successful exploit could allow the attacker to gain write access to some files in the underlying operating system, which could allow the attacker to override the write-accessible files and compromise the integrity of the system. Solution: See the referenced vendor advisory for a solution. CVSS Score: 1.9 CVSS Vector: AV:L/AC:M/Au:N/C:N/I:P/A:N |
Querverweis: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-6450 BugTraq ID: 94340 http://www.securityfocus.com/bid/94340 http://www.securitytracker.com/id/1037299 |
Copyright | Copyright (C) 2016 Greenbone Networks GmbH |
Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten. |