Vulnerability CVE-2011-2738
Published: 2011-09-19   Modified: 2012-02-13

Description:
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.

Type:

CWE-noinfo

CVSS2 => (AV:N/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
10/10
10/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
EMC -> Ionix acm 
EMC -> Ionix asam 
EMC -> Ionix ip 
Cisco -> Ciscoworks lan management solution 
Cisco -> Unified operations manager 
Cisco -> Unified service monitor 

 References:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml
http://www.securityfocus.com/archive/1/519646/100/0/threaded
http://www.securityfocus.com/bid/49627
http://www.securityfocus.com/bid/49644
http://www.securitytracker.com/id?1026046
http://www.securitytracker.com/id?1026047
http://www.securitytracker.com/id?1026048
http://www.securitytracker.com/id?1026059
https://exchange.xforce.ibmcloud.com/vulnerabilities/69828
Copyright 2024, cxsecurity.com

 

Back to Top