Java Policy File Vulnerability in Cisco Optical Networking System
CVE-2006-1672

Currently unrated

Key Information:

Vendor

Cisco
Status
Transport Controller
Vendor
CVE Published:
7 April 2006

What is CVE-2006-1672?

A vulnerability exists in the Cisco Transport Controller (CTC) for the Optical Networking System (ONS) 15000 series. This flaw is due to the inclusion of a wildcard entry in a Java policy file, which grants excessive permissions—specifically, the java.security.AllPermission—to any HTTP URL that contains 'fs/LAUNCHER.jar'. This oversight permits remote attackers to execute arbitrary code on a CTC workstation, leading to potential breaches in system integrity and confidentiality.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.vupen.com/english/advisories/2006/1256
vdb-entryx_refsource_VUPEN
http://www.osvdb.org/24438
vdb-entryx_refsource_OSVDB
http://secunia.com/advisories/19553
third-party-advisoryx_refsource_SECUNIA

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.