CVE-2010-3036

Sažetak

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.

Reference

http://osvdb.org/68927
http://secunia.com/advisories/42011
http://securitytracker.com/id?1024646
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
http://www.securityfocus.com/bid/44468
http://www.vupen.com/english/advisories/2010/2793

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

06-11-2010 - 05:38

Objavljeno

29-10-2010 - 19:00