Tuesday, June 12, 2007

Multiple Vulnerabilities in Wireless Control System

Cisco Wireless Control System (WCS) contains multiple vulnerabilities which may allow a remote user to:

- access sensitive configuration information about access points managed by WCS
- read from and write to arbitrary files on a WCS system
- log in to a WCS system with a default administrator password
- execute script code in a WCS user's web browser
- access directories which may reveal sensitive WCS configuration information

There are workarounds for several, but not all, of these vulnerabilities. See the Workarounds section for more information. Cisco has made free software available to address these vulnerabilities for affected customers.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20060628-wcs.shtml.

1 comment:

Anonymous said...

Can anyone recommend the top Patch Management program for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: [url=http://www.n-able.com] N-able N-central asset management
[/url] ? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!