Description: Cisco has acknowledged some vulnerabilities in various Cisco products, which can be exploited by malicious users to compromise a vulnerable system.
The vulnerability affects the following products:
* Network Analysis Modules (NAM) for Cisco 6500 switch, Cisco 7600 router and Branch Routers (WS-SVC-NAM-1, WS-SVC-NAM-2, and WS-X6380-NAM for the Catalyst 6000, 6500 series switches and Cisco 7600 series router. Devices running software versions 3.5(1a) and earlier are potentially affected by this vulnerability).
* CiscoWorks Wireless LAN Solution Engine (WLSE) and CiscoWorks Wireless LAN Solution Engine Express (WLSX)
* Cisco Unified Application Environment (software version 2.3.x and earlier).
* Hosting Solution Engine/Hosting Solution Software (all versions).
Solution: Network Analysis Modules (NAM):
Update to version 3.5(1b) or version 3.6.
There is no software fix for WS-X6380-NAM.
CiscoWorks Wireless LAN Solution Engine (WLSE and WLSX):
Currently no fixed version is available.
Cisco Unified Application Environment:
Update to software version 2.4 (release in May 2007).
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.