Vulnerabilities > CVE-2005-4332 - Unspecified vulnerability in Cisco Network Admission Control Manager and Server System Software
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Cisco Clean Access 3.5.5 and earlier on the Secure Smart Manager allows remote attackers to bypass authentication and cause a denial of service or upload files via direct requests to obsolete JSP files including (1) admin/uploadclient.jsp, (2) apply_firmware_action.jsp, and (3) file.jsp.
Vulnerable Configurations
References
- http://www.awarenetwork.org/forum/viewtopic.php?p=2236
- http://www.securityfocus.com/bid/15909
- http://securitytracker.com/id?1015375
- http://www.cisco.com/warp/public/707/cisco-response-20051221-CCA.shtml
- http://secunia.com/advisories/18103
- http://www.osvdb.org/21956
- http://www.osvdb.org/21957
- http://www.osvdb.org/21958
- http://securityreason.com/securityalert/265
- http://www.vupen.com/english/advisories/2005/3007
- http://www.securityfocus.com/archive/1/420008/100/0/threaded
- http://www.securityfocus.com/archive/1/419645/100/0/threaded