fkie_cve-2011-2738
Vulnerability from fkie_nvd
Published
2011-09-19 12:02
Modified
2024-11-21 01:28
Severity ?
Summary
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
References
security_alert@emc.comhttp://secunia.com/advisories/45979Vendor Advisory
security_alert@emc.comhttp://secunia.com/advisories/46016Vendor Advisory
security_alert@emc.comhttp://secunia.com/advisories/46052Vendor Advisory
security_alert@emc.comhttp://secunia.com/advisories/46053Vendor Advisory
security_alert@emc.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtmlVendor Advisory
security_alert@emc.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtmlVendor Advisory
security_alert@emc.comhttp://www.osvdb.org/75442
security_alert@emc.comhttp://www.securityfocus.com/archive/1/519646/100/0/threaded
security_alert@emc.comhttp://www.securityfocus.com/bid/49627
security_alert@emc.comhttp://www.securityfocus.com/bid/49644
security_alert@emc.comhttp://www.securitytracker.com/id?1026046
security_alert@emc.comhttp://www.securitytracker.com/id?1026047
security_alert@emc.comhttp://www.securitytracker.com/id?1026048
security_alert@emc.comhttp://www.securitytracker.com/id?1026059
security_alert@emc.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/69828
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/45979Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46016Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46052Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46053Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/75442
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/519646/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/49627
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/49644
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1026046
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1026047
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1026048
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1026059
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/69828
Impacted products
Vendor Product Version
cisco unified_service_monitor *
cisco unified_service_monitor 1.1
cisco unified_service_monitor 2.0
cisco unified_service_monitor 2.0.1
cisco unified_service_monitor 2.1
cisco unified_service_monitor 2.2
cisco unified_service_monitor 2.3
cisco unified_service_monitor 8.0
cisco ciscoworks_lan_management_solution 3.0
cisco ciscoworks_lan_management_solution 3.0
cisco ciscoworks_lan_management_solution 3.1
cisco ciscoworks_lan_management_solution 3.2
cisco ciscoworks_lan_management_solution 4.0
cisco ciscoworks_lan_management_solution 4.0.1
cisco unified_operations_manager *
cisco unified_operations_manager 1.0
cisco unified_operations_manager 1.1
cisco unified_operations_manager 2.0
cisco unified_operations_manager 2.0.1
cisco unified_operations_manager 2.0.2
cisco unified_operations_manager 2.0.3
cisco unified_operations_manager 2.1
cisco unified_operations_manager 2.2
cisco unified_operations_manager 2.3
cisco unified_operations_manager 8.0
emc ionix_acm *
emc ionix_asam *
emc ionix_ip *


To clipboard 

{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6F9DA2FE-4D4A-4050-AA4E-E600B85B6CD1",
                     versionEndIncluding: "8.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6041F558-D641-4067-BBC8-EC23D0A1ED18",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA713155-3826-401C-88E6-5D556513877A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "56101F5A-4099-4027-859D-07CFE598F1B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "457D7ED3-5F22-47E0-9849-39229F893774",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C7A0546-10A3-4E3F-83B8-A8C12CCCC745",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_service_monitor:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "814A0932-E5B5-4B2C-8216-433E0D6C4238",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "D6CF9518-2D68-4E95-862B-54B622622B9D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
                     matchCriteriaId: "D81D6312-9A3E-483D-BBFC-C7688B3872A3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C446E75-5404-4875-AD94-DF953A7874FC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "30403ADA-2382-402D-AAD3-6E86F8E23616",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:4.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "0810DAF4-2D1B-4B48-9DD1-BC417B3C7E04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "690FA80D-A157-4D4E-980D-C9AA0009D853",
                     versionEndIncluding: "8.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC421340-135D-45AD-8E59-F1B62805ABEB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5510F4F-93C9-4722-97F5-37A05B48C23D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C73FD728-7A22-4248-B4DA-62AB2704A411",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "DD2DF29A-4E30-442C-BB14-F22D955B112A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4CA03A21-13EF-476E-892B-D0A494779594",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "107A78CC-8943-4D33-BE60-CBFC72FE405D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "5CA3DB6A-A1D4-4CB4-A62D-3269E27094D9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:2.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "D63D2042-C271-4671-9858-2DE4709BAD19",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:cisco:unified_operations_manager:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3BF00348-D8E9-4FC0-A6EA-7B16707441A3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:emc:ionix_acm:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "78FD3AEC-D4FF-49BB-86F1-8E90133E2418",
                     versionEndIncluding: "2.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:emc:ionix_asam:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BD264FD3-A076-4414-B159-D9A81B15A026",
                     versionEndIncluding: "3.2.0.2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:emc:ionix_ip:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A30BC92-680F-455D-A3A9-6690F78F485D",
                     versionEndIncluding: "8.1.1.1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.",
      },
      {
         lang: "es",
         value: "Múltiples vulnerabilidades no especificadas en Unified Service Monitor de Cisco anterior a versión 8.6, tal y como es usado en Unified Operations Manager anterior a versión 8.6 y CiscoWorks LAN Management Solution versiones 3.x y 4.x anteriores a 4.1; y múltiples productos de Ionix de EMC, incluido Application Connectivity Monitor (Ionix ACM) versión 2.3 y versiones anteriores, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) versión 3.2.0.2 y anteriores, IP Management Suite (Ionix IP) versión 8.1.1.1 y versiones anteriores, y otros productos Ionix; permiten a los atacantes remotos ejecutar código arbitrario por medio de paquetes diseñados al puerto TCP 9002, también se conoce como Bug IDs CSCtn42961 y CSCtn64922, relacionados con un desbordamiento de búfer.",
      },
   ],
   id: "CVE-2011-2738",
   lastModified: "2024-11-21T01:28:51.860",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 10,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:N/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 10,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
   },
   published: "2011-09-19T12:02:55.357",
   references: [
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/45979",
      },
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/46016",
      },
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/46052",
      },
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/46053",
      },
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml",
      },
      {
         source: "security_alert@emc.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.osvdb.org/75442",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securityfocus.com/archive/1/519646/100/0/threaded",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securityfocus.com/bid/49627",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securityfocus.com/bid/49644",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securitytracker.com/id?1026046",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securitytracker.com/id?1026047",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securitytracker.com/id?1026048",
      },
      {
         source: "security_alert@emc.com",
         url: "http://www.securitytracker.com/id?1026059",
      },
      {
         source: "security_alert@emc.com",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/45979",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/46016",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/46052",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://secunia.com/advisories/46053",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.osvdb.org/75442",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/archive/1/519646/100/0/threaded",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/49627",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securityfocus.com/bid/49644",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1026046",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1026047",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1026048",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "http://www.securitytracker.com/id?1026059",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/69828",
      },
   ],
   sourceIdentifier: "security_alert@emc.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "NVD-CWE-noinfo",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}


Log in or create an account to share your comment.

Security Advisory comment format.

This schema specifies the format of a comment related to a security advisory.

UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).



Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.