Vulnerabilites related to cisco - ciscoworks_lan_management_solution
Vulnerability from fkie_nvd
Published
2009-05-21 14:30
Modified
2024-11-21 01:01
Severity ?
Summary
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*",
"matchCriteriaId": "EFFC3AE9-1B61-44F8-938B-6363EDB2DD5A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*",
"matchCriteriaId": "1BB12692-8BCD-4601-83AE-12F1AFD1EF03",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*",
"matchCriteriaId": "1017A34C-A119-41D4-AE10-1E35FAFF0547",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*",
"matchCriteriaId": "5399066A-658B-4494-A291-DB20E0CE7687",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "BD8374C6-D8A3-43CB-A9F7-8A71CD69BE9F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*",
"matchCriteriaId": "DC455CA4-A1F7-4614-9A6F-ABCB0C9026E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*",
"matchCriteriaId": "F5941482-DB47-49E8-90BA-650073C3A233",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7CC556B9-7073-41E3-8099-00B796F8B68B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "87814504-DC6B-41CA-873E-F46B2F71A3FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "EB783DD2-C6B7-406B-9DC4-E1BC832D025C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*",
"matchCriteriaId": "57CBDA0C-EE71-459C-AFA1-9879C6727287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A30B25F2-2DEB-4254-88DB-FA31AB6CA04D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "F77163A8-3F2F-473F-B776-A155D94011DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E1F143B9-20B4-4140-805F-5F709290D6E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "562CA8A8-C17E-4985-8EA0-E2CB61355FEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7BE4D6E7-9884-4C7B-BD40-F8C08E78E93A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "921F93B3-84A8-471B-9A3A-780C76BA3685",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC421340-135D-45AD-8E59-F1B62805ABEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C453852A-D639-4872-B8FE-AE7E2BC019A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "4D4D4CAE-582C-47F5-A3D5-CC1D3BE00308",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "A0337CC9-B682-4135-B5C8-745B41474EBA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "14FC0DD7-81A3-4294-ACA5-0F8B05E7CC49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8A5A8958-B3DE-443B-921F-3AE25FFBF615",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6041F558-D641-4067-BBC8-EC23D0A1ED18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56101F5A-4099-4027-859D-07CFE598F1B5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
},
{
"lang": "es",
"value": "Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, tambi\u00e9n utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a trav\u00e9s de vectores no especificados."
}
],
"id": "CVE-2009-1161",
"lastModified": "2024-11-21T01:01:48.360",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-05-21T14:30:00.390",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"source": "psirt@cisco.com",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/54616"
},
{
"source": "psirt@cisco.com",
"url": "http://secunia.com/advisories/35179"
},
{
"source": "psirt@cisco.com",
"url": "http://securitytracker.com/id?1022263"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"source": "psirt@cisco.com",
"url": "http://www.securityfocus.com/bid/35040"
},
{
"source": "psirt@cisco.com",
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/54616"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/35179"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1022263"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/35040"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2009/1390"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2010-10-29 19:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | ciscoworks_common_services | 3.0.5 | |
| cisco | ciscoworks_common_services | 3.0.6 | |
| cisco | ciscoworks_common_services | 3.1 | |
| cisco | ciscoworks_common_services | 3.1.1 | |
| cisco | ciscoworks_common_services | 3.2 | |
| cisco | ciscoworks_common_services | 3.3 | |
| cisco | ciscoworks_lan_management_solution | 2.6 | |
| cisco | ciscoworks_lan_management_solution | 3.0 | |
| cisco | ciscoworks_lan_management_solution | 3.0 | |
| cisco | ciscoworks_lan_management_solution | 3.1 | |
| cisco | ciscoworks_lan_management_solution | 3.2 | |
| cisco | qos_policy_manager | 4.0 | |
| cisco | qos_policy_manager | 4.0.1 | |
| cisco | qos_policy_manager | 4.0.2 | |
| cisco | security_manager | 3.0.2 | |
| cisco | security_manager | 3.2 | |
| cisco | telepresence_readiness_assessment_manager | 1.0 | |
| cisco | unified_operations_manager | 2.0.1 | |
| cisco | unified_operations_manager | 2.0.2 | |
| cisco | unified_operations_manager | 2.0.3 | |
| cisco | unified_service_monitor | 2.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
"matchCriteriaId": "88AD3EC2-36B1-4E34-BD7F-B1D02B32178A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
"matchCriteriaId": "5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "499CD64C-8692-4BE7-8F5E-5964ACDA1972",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D2152A29-7074-4659-AA8A-BB3E793ED4A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "518309CD-F453-4B0B-8C1D-E534CE0E336B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "22DE1462-59AC-40BE-89DF-AB43CA3EC7BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:update:*:*:*:*:*:*",
"matchCriteriaId": "3D8B4ED2-15B4-4FE1-A159-D6435B5DCA5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
"matchCriteriaId": "D81D6312-9A3E-483D-BBFC-C7688B3872A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "1BEE8595-B861-4DAB-9708-B2DA30C36C77",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "96C5C060-E09E-4F28-9B87-0417DBFB9368",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "83FCE4EC-B432-4768-BF3A-F1A29BD6B4B3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "2F831EEB-A499-4C76-A085-52F3D750E0FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA713155-3826-401C-88E6-5D556513877A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
},
{
"lang": "es",
"value": "Multiples desbordamientos de b\u00fafer en la funci\u00f3n de autenticaci\u00f3n en el m\u00f3dulo web-server de Cisco CiscoWorks Common Services anterior a v4.0 permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de sesiones TCP en el puerto (1) 443 o (2) 1741, tambi\u00e9n conocido como \"Bug ID CSCti41352\"."
}
],
"id": "CVE-2010-3036",
"lastModified": "2024-11-21T01:17:55.163",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-10-29T19:00:02.013",
"references": [
{
"source": "psirt@cisco.com",
"url": "http://osvdb.org/68927"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42011"
},
{
"source": "psirt@cisco.com",
"url": "http://securitytracker.com/id?1024646"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"source": "psirt@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"source": "psirt@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/68927"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42011"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024646"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
],
"sourceIdentifier": "psirt@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-09-19 12:02
Modified
2024-11-21 01:28
Severity ?
Summary
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:*:*:*:*:*:*:*:*",
"matchCriteriaId": "6F9DA2FE-4D4A-4050-AA4E-E600B85B6CD1",
"versionEndIncluding": "8.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "6041F558-D641-4067-BBC8-EC23D0A1ED18",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AA713155-3826-401C-88E6-5D556513877A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "56101F5A-4099-4027-859D-07CFE598F1B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "457D7ED3-5F22-47E0-9849-39229F893774",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9C7A0546-10A3-4E3F-83B8-A8C12CCCC745",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_service_monitor:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "814A0932-E5B5-4B2C-8216-433E0D6C4238",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
"matchCriteriaId": "D81D6312-9A3E-483D-BBFC-C7688B3872A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "30403ADA-2382-402D-AAD3-6E86F8E23616",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:4.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0810DAF4-2D1B-4B48-9DD1-BC417B3C7E04",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "690FA80D-A157-4D4E-980D-C9AA0009D853",
"versionEndIncluding": "8.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FC421340-135D-45AD-8E59-F1B62805ABEB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
"matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
"matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*",
"matchCriteriaId": "D63D2042-C271-4671-9858-2DE4709BAD19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3BF00348-D8E9-4FC0-A6EA-7B16707441A3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:emc:ionix_acm:*:*:*:*:*:*:*:*",
"matchCriteriaId": "78FD3AEC-D4FF-49BB-86F1-8E90133E2418",
"versionEndIncluding": "2.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:ionix_asam:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BD264FD3-A076-4414-B159-D9A81B15A026",
"versionEndIncluding": "3.2.0.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:emc:ionix_ip:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7A30BC92-680F-455D-A3A9-6690F78F485D",
"versionEndIncluding": "8.1.1.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades no especificadas en Unified Service Monitor de Cisco anterior a versi\u00f3n 8.6, tal y como es usado en Unified Operations Manager anterior a versi\u00f3n 8.6 y CiscoWorks LAN Management Solution versiones 3.x y 4.x anteriores a 4.1; y m\u00faltiples productos de Ionix de EMC, incluido Application Connectivity Monitor (Ionix ACM) versi\u00f3n 2.3 y versiones anteriores, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) versi\u00f3n 3.2.0.2 y anteriores, IP Management Suite (Ionix IP) versi\u00f3n 8.1.1.1 y versiones anteriores, y otros productos Ionix; permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de paquetes dise\u00f1ados al puerto TCP 9002, tambi\u00e9n se conoce como Bug IDs CSCtn42961 y CSCtn64922, relacionados con un desbordamiento de b\u00fafer."
}
],
"id": "CVE-2011-2738",
"lastModified": "2024-11-21T01:28:51.860",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2011-09-19T12:02:55.357",
"references": [
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45979"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46016"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46052"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46053"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"source": "security_alert@emc.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"source": "security_alert@emc.com",
"url": "http://www.osvdb.org/75442"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/49627"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securityfocus.com/bid/49644"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026046"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026047"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026048"
},
{
"source": "security_alert@emc.com",
"url": "http://www.securitytracker.com/id?1026059"
},
{
"source": "security_alert@emc.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/45979"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46016"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46052"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/46053"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/75442"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49627"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/49644"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026046"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026048"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1026059"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
}
],
"sourceIdentifier": "security_alert@emc.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2011-2738
Vulnerability from cvelistv5
Published
2011-09-17 10:00
Modified
2024-08-06 23:08
Severity ?
EPSS score ?
Summary
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T23:08:23.911Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "46052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46052"
},
{
"name": "1026048",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026048"
},
{
"name": "46053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46053"
},
{
"name": "45979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/45979"
},
{
"name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"name": "75442",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/75442"
},
{
"name": "cisco-unspecified-code-execution(69828)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"name": "46016",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/46016"
},
{
"name": "49627",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49627"
},
{
"name": "49644",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/49644"
},
{
"name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"name": "1026059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026059"
},
{
"name": "1026047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026047"
},
{
"name": "1026046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1026046"
},
{
"name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"name": "46052",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46052"
},
{
"name": "1026048",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026048"
},
{
"name": "46053",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46053"
},
{
"name": "45979",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/45979"
},
{
"name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"name": "75442",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/75442"
},
{
"name": "cisco-unspecified-code-execution(69828)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"name": "46016",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/46016"
},
{
"name": "49627",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49627"
},
{
"name": "49644",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/49644"
},
{
"name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"name": "1026059",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026059"
},
{
"name": "1026047",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026047"
},
{
"name": "1026046",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1026046"
},
{
"name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security_alert@emc.com",
"ID": "CVE-2011-2738",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "46052",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46052"
},
{
"name": "1026048",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026048"
},
{
"name": "46053",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46053"
},
{
"name": "45979",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/45979"
},
{
"name": "20110914 CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml"
},
{
"name": "75442",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/75442"
},
{
"name": "cisco-unspecified-code-execution(69828)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828"
},
{
"name": "46016",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/46016"
},
{
"name": "49627",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49627"
},
{
"name": "49644",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/49644"
},
{
"name": "20110914 Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml"
},
{
"name": "1026059",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026059"
},
{
"name": "1026047",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026047"
},
{
"name": "1026046",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1026046"
},
{
"name": "20110914 ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/519646/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2011-2738",
"datePublished": "2011-09-17T10:00:00",
"dateReserved": "2011-07-13T00:00:00",
"dateUpdated": "2024-08-06T23:08:23.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2010-3036
Vulnerability from cvelistv5
Published
2010-10-29 18:00
Modified
2024-08-07 02:55
Severity ?
EPSS score ?
Summary
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/68927 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml | vendor-advisory, x_refsource_CISCO | |
| http://securitytracker.com/id?1024646 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/44468 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/42011 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2010/2793 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T02:55:46.619Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "68927",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/68927"
},
{
"name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"name": "1024646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024646"
},
{
"name": "44468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"name": "42011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42011"
},
{
"name": "ADV-2010-2793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-10-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2010-11-06T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "68927",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/68927"
},
{
"name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"name": "1024646",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024646"
},
{
"name": "44468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44468"
},
{
"name": "42011",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42011"
},
{
"name": "ADV-2010-2793",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2010-3036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "68927",
"refsource": "OSVDB",
"url": "http://osvdb.org/68927"
},
{
"name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
},
{
"name": "1024646",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024646"
},
{
"name": "44468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44468"
},
{
"name": "42011",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42011"
},
{
"name": "ADV-2010-2793",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2793"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2010-3036",
"datePublished": "2010-10-29T18:00:00",
"dateReserved": "2010-08-17T00:00:00",
"dateUpdated": "2024-08-07T02:55:46.619Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-1161
Vulnerability from cvelistv5
Published
2009-05-21 14:00
Modified
2024-08-07 05:04
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html | third-party-advisory, x_refsource_JVNDB | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/35040 | vdb-entry, x_refsource_BID | |
| http://jvn.jp/en/jp/JVN62527913/index.html | third-party-advisory, x_refsource_JVN | |
| http://osvdb.org/54616 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1022263 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2009/1390 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/35179 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:04:48.874Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2009-000032",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"name": "35040",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35040"
},
{
"name": "JVN#62527913",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"name": "54616",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/54616"
},
{
"name": "1022263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1022263"
},
{
"name": "ADV-2009-1390",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"name": "35179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35179"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-05-20T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-06-04T09:00:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "JVNDB-2009-000032",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"name": "35040",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35040"
},
{
"name": "JVN#62527913",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"name": "54616",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/54616"
},
{
"name": "1022263",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1022263"
},
{
"name": "ADV-2009-1390",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"name": "35179",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35179"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-1161",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2009-000032",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
},
{
"name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
},
{
"name": "35040",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35040"
},
{
"name": "JVN#62527913",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN62527913/index.html"
},
{
"name": "54616",
"refsource": "OSVDB",
"url": "http://osvdb.org/54616"
},
{
"name": "1022263",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1022263"
},
{
"name": "ADV-2009-1390",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/1390"
},
{
"name": "35179",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35179"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2009-1161",
"datePublished": "2009-05-21T14:00:00",
"dateReserved": "2009-03-26T00:00:00",
"dateUpdated": "2024-08-07T05:04:48.874Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}