Home    |    View Topics    |    Search    |    Contact Us    |

SecurityTracker Archives

Category:   Device (Router/Bridge/Hub)  >   Cisco ASR Router Vendors:   Cisco Cisco ASR 5000 Series Router StartOS CLI Input Validation Flaw Lets Local Users Obtain Root Privileges SecurityTracker Alert ID:  1040239 SecurityTracker URL:  http://securitytracker.com/id/1040239 CVE Reference:   CVE-2018-0115   (Links to External Site) Date:  Jan 18 2018 Impact:   Root access via local system Fix Available:  Yes  Vendor Confirmed:  Yes   Version(s): 5000 Series Description:   A vulnerability was reported in Cisco ASR 5000 Series Router. A local user can obtain root privileges on the target system. A local user can supply specially crafted arguments to trigger an input validation flaw in the Cisco StarOS command line interface and execute arbitrary commands on the target system with root privileges. The vendor has assigned bug ID CSCvf93332 to this vulnerability. Impact:   A local user can obtain root privileges on the target system. Solution:   The vendor has issued a fix. The vendor advisory is available at: https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-staros Vendor URL:  tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-staros (Links to External Site) Cause:   Input validation error Message History:   None.  Source Message Contents Subject:  https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180117-staros Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us
This web site uses cookies for web analytics. Learn More
Copyright 2019, SecurityGlobal.net LLC