CVE-2006-0367 Information

Description

Unspecified vulnerability in Cisco CallManager 3.2 and earlier 3.3 before 3.3(5)SR1 4.0 before 4.0(2a)SR2c and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a \crafted URL on the CCMAdmin web page.\

Reference

http://secunia.com/advisories/18501 http://securitytracker.com/id?1015502 http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmpe.shtml http://www.osvdb.org/22621 http://www.securityfocus.com/bid/16293 http://www.vupen.com/english/advisories/2006/0250 https://exchange.xforce.ibmcloud.com/vulnerabilities/24172