Search criteria
12 vulnerabilities found for director_agent by ibm
FKIE_CVE-2010-4274
Vulnerability from fkie_nvd - Published: 2010-11-17 01:00 - Updated: 2025-04-11 00:51
Severity ?
Summary
reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | director_agent | 6.2.0 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:director_agent:6.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C9BFDDE9-902D-411C-9A43-2463347801F0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership."
},
{
"lang": "es",
"value": "reset_diragent_keys en el agente Common en IBM Systems Director v6.2.0 tiene 754 de permisos, lo que permite a usuarios locales obtener privilegios aprovechando su pertenencia al grupo del sistema"
}
],
"id": "CVE-2010-4274",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-11-17T01:00:06.137",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42239"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1024736"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/44839"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/42239"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1024736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/44839"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2010-1347
Vulnerability from fkie_nvd - Published: 2010-04-12 17:30 - Updated: 2025-04-11 00:51
Severity ?
Summary
Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ibm | director_agent | 6.1 | |
| ibm | director_agent | 6.1.2 | |
| ibm | aix | * | |
| linux | linux_kernel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ibm:director_agent:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "0C221AC2-6155-4BE2-A73B-9AF9B426B49B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:6.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "74A3EB2D-3CED-464B-B640-51988232D38A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ibm:aix:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F7F01A55-7C37-4BAF-A4D4-61E8AC54FF79",
"vulnerable": false
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "155AD4FB-E527-4103-BCEF-801B653DEA37",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts."
},
{
"lang": "es",
"value": "Director Agent v6.1 anterior a v6.1.2.3 en IBM Systems Director en AIX y Linux utiliza permisos incorrectos para las secuencias de comandos (1) diruninstall and (2) opt/ibm/director/bin/wcitinst, lo cual permite a usuarios locales conseguir privilegios mediante la ejecuci\u00f3n de estas secuencias de comandos."
}
],
"id": "CVE-2010-1347",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.2,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2010-04-12T17:30:00.523",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/63595"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39194"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/39305"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1023831"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/63595"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/39194"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/39305"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1023831"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1760
Vulnerability from fkie_nvd - Published: 2004-01-21 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 1.1 | |
| cisco | ip_call_center_express_enhanced | 3.0 | |
| cisco | ip_call_center_express_standard | 3.0 | |
| cisco | ip_interactive_voice_response | 3.0 | |
| cisco | personal_assistant | 1.3\(1\) | |
| cisco | personal_assistant | 1.3\(2\) | |
| cisco | personal_assistant | 1.3\(3\) | |
| cisco | personal_assistant | 1.3\(4\) | |
| cisco | personal_assistant | 1.4\(1\) | |
| cisco | personal_assistant | 1.4\(2\) | |
| ibm | director_agent | 2.2 | |
| ibm | director_agent | 3.11 | |
| cisco | call_manager | 1.0 | |
| cisco | call_manager | 2.0 | |
| cisco | call_manager | 3.0 | |
| cisco | call_manager | 3.1 | |
| cisco | call_manager | 3.1\(2\) | |
| cisco | call_manager | 3.1\(3a\) | |
| cisco | call_manager | 3.2 | |
| cisco | call_manager | 3.3 | |
| cisco | call_manager | 3.3\(3\) | |
| cisco | call_manager | 4.0 | |
| cisco | internet_service_node | * | |
| cisco | conference_connection | 1.1\(1\) | |
| cisco | conference_connection | 1.2 | |
| ibm | mcs-7815-1000 | * | |
| ibm | mcs-7815i-2.0 | * | |
| ibm | mcs-7835i-2.4 | * | |
| ibm | mcs-7835i-3.0 | * | |
| ibm | x330 | 8654 | |
| ibm | x330 | 8674 | |
| ibm | x340 | * | |
| ibm | x342 | * | |
| ibm | x345 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
"matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"id": "CVE-2004-1760",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3692"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3692"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2004-1759
Vulnerability from fkie_nvd - Published: 2004-01-21 05:00 - Updated: 2025-04-03 01:03
Severity ?
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | emergency_responder | 1.1 | |
| cisco | ip_call_center_express_enhanced | 3.0 | |
| cisco | ip_call_center_express_standard | 3.0 | |
| cisco | ip_interactive_voice_response | 3.0 | |
| cisco | personal_assistant | 1.3\(1\) | |
| cisco | personal_assistant | 1.3\(2\) | |
| cisco | personal_assistant | 1.3\(3\) | |
| cisco | personal_assistant | 1.3\(4\) | |
| cisco | personal_assistant | 1.4\(1\) | |
| cisco | personal_assistant | 1.4\(2\) | |
| ibm | director_agent | 2.2 | |
| ibm | director_agent | 3.11 | |
| cisco | call_manager | 1.0 | |
| cisco | call_manager | 2.0 | |
| cisco | call_manager | 3.0 | |
| cisco | call_manager | 3.1 | |
| cisco | call_manager | 3.1\(2\) | |
| cisco | call_manager | 3.1\(3a\) | |
| cisco | call_manager | 3.2 | |
| cisco | call_manager | 3.3 | |
| cisco | call_manager | 3.3\(3\) | |
| cisco | call_manager | 4.0 | |
| cisco | internet_service_node | * | |
| cisco | conference_connection | 1.1\(1\) | |
| cisco | conference_connection | 1.2 | |
| ibm | mcs-7815-1000 | * | |
| ibm | mcs-7815i-2.0 | * | |
| ibm | mcs-7835i-2.4 | * | |
| ibm | mcs-7835i-3.0 | * | |
| ibm | x330 | 8654 | |
| ibm | x330 | 8674 | |
| ibm | x340 | * | |
| ibm | x342 | * | |
| ibm | x345 | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:emergency_responder:1.1:*:*:*:*:*:*:*",
"matchCriteriaId": "10AFE8CE-EA67-4BC4-93BC-7D5D61D5A7C6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "D08D0AA7-669D-4632-BB67-6994CB670466",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B6CBEC2E-2706-485A-A5A7-3BB25B5C4BC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "89E40B81-A536-45DE-BEFB-1EB6F030B647",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D2B8308C-7C36-48E1-97BC-282908B9A38D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "29AF8C73-C10F-4873-941B-26C832D854EB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8CE1C413-0678-4E9A-AC7F-105538D3C56E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F4ADC051-C35B-4C68-B751-B8A2434A6E79",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "131ABD48-89ED-45B9-865B-20AF3631BA6C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:personal_assistant:1.4\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0BC18EEF-1DA5-402A-9C22-BCF287F2D501",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "7E033E9D-604D-4829-B95F-E3D095419BB2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ibm:director_agent:3.11:*:*:*:*:*:*:*",
"matchCriteriaId": "F501C60E-4B48-4F10-84B5-F29FB5BAEF74",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:cisco:internet_service_node:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02122172-DBC4-445A-9BB6-E33B6F5B9F77",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "35D53AA4-4E6D-4586-A84A-634C68C0C967",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:conference_connection:1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "38CC94AA-9702-4A7E-82C5-DE06FB7D6631",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ibm:mcs-7815-1000:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A1F0C52A-A68B-4E9B-934A-D33E8B3123E5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7815i-2.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "672D30B8-47CE-46D0-97CB-9320B4B4FC2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-2.4:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5E40E5D2-DEF9-4A28-8092-AC0B2EC0399F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:mcs-7835i-3.0:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F1C555A8-5208-4FE2-822B-11AFB5E8B9CF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8654:*:*:*:*:*:*:*",
"matchCriteriaId": "18E307F0-1987-402C-AF67-884DA8872CC9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x330:8674:*:*:*:*:*:*:*",
"matchCriteriaId": "1E4EC292-CC2D-4B6F-94A6-59185406C182",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x340:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4B72E43B-99E9-435D-87EA-1B196A63DA45",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x342:*:*:*:*:*:*:*:*",
"matchCriteriaId": "853911A3-E740-4F80-8464-7A23A59B2474",
"vulnerable": true
},
{
"criteria": "cpe:2.3:h:ibm:x345:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C00D0835-3880-4A3A-8559-C79EB4ADB25D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"id": "CVE-2004-1759",
"lastModified": "2025-04-03T01:03:51.193",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2004-01-21T05:00:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "cve@mitre.org",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/3691"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/10696"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Third Party Advisory",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/3691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Vendor Advisory"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2010-4274 (GCVE-0-2010-4274)
Vulnerability from cvelistv5 – Published: 2010-11-16 23:00 – Updated: 2024-08-07 03:43
VLAI?
Summary
reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:13.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42239"
},
{
"name": "IC71821",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"name": "ADV-2010-2978",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"name": "1024736",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024736"
},
{
"name": "44839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44839"
},
{
"name": "systems-director-resetdiragent-sec-bypass(63238)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42239"
},
{
"name": "IC71821",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"name": "ADV-2010-2978",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"name": "1024736",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024736"
},
{
"name": "44839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44839"
},
{
"name": "systems-director-resetdiragent-sec-bypass(63238)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42239"
},
{
"name": "IC71821",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"name": "ADV-2010-2978",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"name": "1024736",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024736"
},
{
"name": "44839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44839"
},
{
"name": "systems-director-resetdiragent-sec-bypass(63238)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4274",
"datePublished": "2010-11-16T23:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:43:13.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1347 (GCVE-0-2010-1347)
Vulnerability from cvelistv5 – Published: 2010-04-12 17:00 – Updated: 2024-08-07 01:21
VLAI?
Summary
Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39305",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39305"
},
{
"name": "39194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39194"
},
{
"name": "systems-director-agent-sec-bypass(57611)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"name": "1023831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023831"
},
{
"name": "ADV-2010-0830",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"name": "PM08236",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"name": "63595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63595"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39305",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39305"
},
{
"name": "39194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39194"
},
{
"name": "systems-director-agent-sec-bypass(57611)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"name": "1023831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023831"
},
{
"name": "ADV-2010-0830",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"name": "PM08236",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"name": "63595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63595"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39305",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39305"
},
{
"name": "39194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39194"
},
{
"name": "systems-director-agent-sec-bypass(57611)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"name": "1023831",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023831"
},
{
"name": "ADV-2010-0830",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"name": "PM08236",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"name": "63595",
"refsource": "OSVDB",
"url": "http://osvdb.org/63595"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1347",
"datePublished": "2010-04-12T17:00:00",
"dateReserved": "2010-04-12T00:00:00",
"dateUpdated": "2024-08-07T01:21:18.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1760 (GCVE-0-2004-1760)
Vulnerability from cvelistv5 – Published: 2005-03-10 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1760",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1759 (GCVE-0-2004-1759)
Vulnerability from cvelistv5 – Published: 2005-03-10 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#721092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1759",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-4274 (GCVE-0-2010-4274)
Vulnerability from nvd – Published: 2010-11-16 23:00 – Updated: 2024-08-07 03:43
VLAI?
Summary
reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T03:43:13.193Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "42239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/42239"
},
{
"name": "IC71821",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"name": "ADV-2010-2978",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"name": "1024736",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1024736"
},
{
"name": "44839",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/44839"
},
{
"name": "systems-director-resetdiragent-sec-bypass(63238)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-11-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "42239",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/42239"
},
{
"name": "IC71821",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"name": "ADV-2010-2978",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"name": "1024736",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1024736"
},
{
"name": "44839",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/44839"
},
{
"name": "systems-director-resetdiragent-sec-bypass(63238)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-4274",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which allows local users to gain privileges by leveraging system group membership."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "42239",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/42239"
},
{
"name": "IC71821",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IC71821"
},
{
"name": "ADV-2010-2978",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/2978"
},
{
"name": "1024736",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1024736"
},
{
"name": "44839",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/44839"
},
{
"name": "systems-director-resetdiragent-sec-bypass(63238)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/63238"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-4274",
"datePublished": "2010-11-16T23:00:00",
"dateReserved": "2010-11-16T00:00:00",
"dateUpdated": "2024-08-07T03:43:13.193Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2010-1347 (GCVE-0-2010-1347)
Vulnerability from nvd – Published: 2010-04-12 17:00 – Updated: 2024-08-07 01:21
VLAI?
Summary
Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T01:21:18.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "39305",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/39305"
},
{
"name": "39194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/39194"
},
{
"name": "systems-director-agent-sec-bypass(57611)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"name": "1023831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1023831"
},
{
"name": "ADV-2010-0830",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"name": "PM08236",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"name": "63595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/63595"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2010-04-07T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "39305",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/39305"
},
{
"name": "39194",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/39194"
},
{
"name": "systems-director-agent-sec-bypass(57611)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"name": "1023831",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1023831"
},
{
"name": "ADV-2010-0830",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"name": "PM08236",
"tags": [
"vendor-advisory",
"x_refsource_AIXAPAR"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"name": "63595",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/63595"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2010-1347",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permissions for the (1) diruninstall and (2) opt/ibm/director/bin/wcitinst scripts, which allows local users to gain privileges by executing these scripts."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "39305",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/39305"
},
{
"name": "39194",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39194"
},
{
"name": "systems-director-agent-sec-bypass(57611)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/57611"
},
{
"name": "1023831",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1023831"
},
{
"name": "ADV-2010-0830",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0830"
},
{
"name": "PM08236",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1PM08236"
},
{
"name": "63595",
"refsource": "OSVDB",
"url": "http://osvdb.org/63595"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2010-1347",
"datePublished": "2010-04-12T17:00:00",
"dateReserved": "2010-04-12T00:00:00",
"dateUpdated": "2024-08-07T01:21:18.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1760 (GCVE-0-2004-1760)
Vulnerability from nvd – Published: 2005-03-10 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.250Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ciscovoice-ibmservers-admin-access(14900)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14900"
},
{
"name": "3692",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3692"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "VU#602734",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/602734"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9468"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1760",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.250Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2004-1759 (GCVE-0-2004-1759)
Vulnerability from nvd – Published: 2005-03-10 05:00 – Updated: 2024-08-08 01:00
VLAI?
Summary
Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-08T01:00:37.259Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC",
"x_transferred"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2004-01-21T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-10T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#721092",
"tags": [
"third-party-advisory",
"x_refsource_CERT-VN"
],
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"tags": [
"third-party-advisory",
"government-resource",
"x_refsource_CIAC"
],
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2004-1759",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#721092",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/721092"
},
{
"name": "10696",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/10696"
},
{
"name": "ciscovoice-ibmservers-dos(14901)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14901"
},
{
"name": "1008814",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1008814"
},
{
"name": "20040121 Voice Product Vulnerabilities on IBM Servers",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml"
},
{
"name": "9469",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/9469"
},
{
"name": "3691",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/3691"
},
{
"name": "O-066",
"refsource": "CIAC",
"url": "http://www.ciac.org/ciac/bulletins/o-066.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2004-1759",
"datePublished": "2005-03-10T05:00:00",
"dateReserved": "2005-03-10T00:00:00",
"dateUpdated": "2024-08-08T01:00:37.259Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}