---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secunia_vacancies/ ---------------------------------------------------------------------- TITLE: Cisco Intrusion Prevention System Privilege Escalation SECUNIA ADVISORY ID: SA16545 VERIFY ADVISORY: http://secunia.com/advisories/16545/ CRITICAL: Less critical IMPACT: Privilege escalation WHERE: Local system OPERATING SYSTEM: Cisco Intrusion Prevention System (IPS) 5.x http://secunia.com/product/5600/ DESCRIPTION: A vulnerability has been reported in Cisco Intrusion Prevention System, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the command line processing (CLI) logic and can be exploited by a user with OPERATOR or VIEWER privileges to gain full administrative privileges. The vulnerability affects versions 5.0(1) and 5.0(2). Versions 4.x and prior are not vulnerable. SOLUTION: Update to version 5.0(3). http://www.cisco.com/pcgi-bin/tablebuild.pl/ips5 PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20050824-ips.shtml ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------