Cisco Advisories

Cisco has released two security advisoriesinforming of several vulnerabilities in systems with Cisco IOS XR and inCiscoWorks Wireless LAN Solution Engine (WLSE).

There are three vulnerabilities in Multiple Multi Protocol LabelSwitching (MPLS) in systems running Cisco IOS XR, which are only foundin CRS-1 and Cisco 12000 series routers.

Only systems running Cisco IOSXR and configured for MPLS are affected by these vulnerabilities. An attacker that successfully exploited any of these vulnerabilities could cause a denial of service in compromised systems.

Cisco has released the corresponding patches for these vulnerabilities, and it is advisable to refer to the advisory at:http://www.cisco.com/warp/public/707/cisco-sa-20060419-xr.shtml.

On the other hand, two vulnerabilities have been confirmed in CiscoWorks Wireless LAN Solution Engine (WLSE).

The first of these refers to across-site scripting problem, while the second involves privilege escalation.

Cisco has published the updates for these vulnerabilities at: http://www.cisco.com/cgi-bin/tablebuild.pl/wlan-sol-eng.

The secondCisco warning is available at: http://www.cisco.com/warp/public/707/cisco-sa-20060419-wlse.shtml