Cisco Content Service Switch FTP Access Control Vulnerability

The Cisco Content Service (CSS) switch is an Enterprise-level utility by Cisco Systems. The CSS switch is a Layer 5 and 7 aware switch capable of providing a high performance frontend to web server farms and caches.

A problem with the switch could allow non-privileged users to upload files to the switch. The switch allows any user with a valid account to use the FTP PUT and GET functions.

This problem makes it possible for a remote user to overwrite local files, or gain access to sensitive files.


Privacy Statement
Copyright 2010, SecurityFocus