October 2010: one Cisco vulnerability

The Cisco Product Security Incident Response Team (PSIRT) has published one important vulnerability advisory:

  • CiscoWorks Common Services Arbitrary Code Execution Vulnerability

CiscoWorks Common Services Arbitrary Code Execution Vulnerability
CiscoWorks Common Services for both Oracle Solaris and Microsoft Windows contains a vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code on a host device with privileges of a system administrator.

Vulnerable Products
CiscoWorks Common Services versions 3.0.5 and later are affected by this vulnerability. Versions 4.0 and later contain the fix. Administrators can check version details and licensing information about CiscoWorks Common Services by clicking the About button located in the top right corner of the CiscoWorks home page.

Details
CiscoWorks Common Services is a set of management services that are shared by network management applications in a CiscoWorks solution set. CiscoWorks Common Services provides the foundation for CiscoWorks applications to share a common model for data storage, login, user role definitions, access privileges, security protocols, and navigation. It creates a standard user experience for all management functions. It also provides the common framework for all basic system level operations such as installation, data management (including backup-restoration and importing-exporting), event and message handling, job and process management, and software updates.

Exploitable buffer overflows exist in the Cisco developed authentication code in the web server module of CiscoWorks Common Services, which can be exploited remotely without authentication. A successful exploit could cause the web server to crash or allow the attacker to execute arbitrary code on the server. Any code would execute with system administrative privileges. The vulnerability could be exploited over TCP port 443 or 1741.

Impact
Successful exploitation of this vulnerability could allow a remote unauthenticated attacker to execute arbitrary code on the CiscoWorks server machine with the privileges of the system administrator.

Link: http://www.cisco.com/…/security_advisory09186a0080b51501.shtml

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.