SecurityTracker.com






Category:   Device (VoIP/Phone/FAX)  >   Cisco Unity
Vendors:   Cisco
Cisco Unity Express Lets Remote Authenticated Users Gain Administrative Privileges
SecurityTracker Alert ID:  1016015
SecurityTracker URL:  http://securitytracker.com/id/1016015
CVE Reference:   CVE-2006-2166
Updated:  Aug 15 2009
Original Entry Date:  May 2 2006
Impact:   User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Cisco Unity Express only; prior to 2.3(1)
Description:   A vulnerability was reported in Cisco Unity Express. A remote authenticated user may be able to gain administrative privileges on the target system.

A remote authenticated user can exploit a flaw via the HTTP management interface and change the password for a target user if the target user's password is marked as expired. If the target user is an administrator, the remote authenticated user can gain administrative privileges.

This may allow the remote authenticated user to obtain voice mail messages or modify automated attendant messages.

Any Cisco Unity Express Advanced Integration Module (AIM) or Network Module (NM) running versions prior to 2.3(1) is vulnerable.

Cisco Unity is not affected.

Cisco has assigned Bug ID CSCsd50387 to this vulnerability.

Xu He and Keith Vaughan of the Bank of America Application Assessment Team discovered this vulnerability.

Impact:   A remote authenticated user may be able to gain the privileges of a target user, potentially including an administrative user.
Solution:   The vendor has issued a fixed version (2.3(1)).

The Cisco advisory is available at:

http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml

Vendor URL:  www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
Cause:   Access control error
Underlying OS:  

Message History:   None.


 Source Message Contents

Date:  Mon, 1 May 2006 21:50:33 -0400
Subject:  Cisco Security Advisory: Cisco Unity Express Expired Password Reset Privilege Escalation


http://www.cisco.com/warp/public/707/cisco-sa-20060501-cue.shtml
 
 



Copyright 2014, SecurityGlobal.net LLC