CVE-2011-0364

Sažetak

The Management Console (webagent.exe) in Cisco Security Agent 5.1, 5.2, and 6.0 before 6.0.2.145 allows remote attackers to create arbitrary files and execute arbitrary code via unspecified parameters in a crafted st_upload request.

Reference

http://secunia.com/advisories/43383
http://secunia.com/advisories/43393
http://securityreason.com/securityalert/8095
http://securityreason.com/securityalert/8197
http://securityreason.com/securityalert/8205
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml
http://www.securityfocus.com/archive/1/516505/100/0/threaded
http://www.securityfocus.com/bid/46420
http://www.securitytracker.com/id?1025088
http://www.vupen.com/english/advisories/2011/0424
http://www.zerodayinitiative.com/advisories/ZDI-11-088
https://exchange.xforce.ibmcloud.com/vulnerabilities/65436

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

10-10-2018 - 20:09

Objavljeno

19-02-2011 - 01:00