The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Content_services_switch_11000 | Cisco | * | * |
References
- http://www.ciac.org/ciac/bulletins/l-085.shtml
- http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml
- http://www.osvdb.org/1834
- http://www.securityfocus.com/bid/2745
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6557
- http://www.ciac.org/ciac/bulletins/l-085.shtml
- http://www.cisco.com/warp/public/707/arrowpoint-ftp-pub.shtml
- http://www.osvdb.org/1834
- http://www.securityfocus.com/bid/2745
- https://exchange.xforce.ibmcloud.com/vulnerabilities/6557