 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.106282 |
| Categoría: | CISCO |
| Título: | Cisco IOS Software iox Command Injection Vulnerability |
| Resumen: | A vulnerability exists in the iox command in Cisco IOS Software that;could allow an authenticated, local attacker to perform command injection into the IOx Linux guest operating;system (GOS). |
| Descripción: | Summary: A vulnerability exists in the iox command in Cisco IOS Software that could allow an authenticated, local attacker to perform command injection into the IOx Linux guest operating system (GOS). Vulnerability Insight: This vulnerability is due to insufficient input validation of iox command line arguments. An attacker could exploit this vulnerability by providing crafted options to the iox command. Vulnerability Impact: An exploit could allow the attacker to execute commands of their choice in the Linux GOS. Solution: Upgrade to version 15.6(3.0q)M or later. CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-6414 BugTraq ID: 93091 http://www.securityfocus.com/bid/93091 Cisco Security Advisory: 20160921 Cisco IOS and IOS XE iox Command Injection Vulnerability http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160921-iox http://www.securitytracker.com/id/1036876 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |