All the vulnerabilites related to cisco - telepresence_readiness_assessment_manager
cve-2010-3036
Vulnerability from cvelistv5
Published
2010-10-29 18:00
Modified
2024-08-07 02:55
Severity ?
Summary
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References
http://osvdb.org/68927vdb-entry, x_refsource_OSVDB
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtmlvendor-advisory, x_refsource_CISCO
http://securitytracker.com/id?1024646vdb-entry, x_refsource_SECTRACK
http://www.securityfocus.com/bid/44468vdb-entry, x_refsource_BID
http://secunia.com/advisories/42011third-party-advisory, x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2010/2793vdb-entry, x_refsource_VUPEN
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T02:55:46.619Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "68927",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/68927"
          },
          {
            "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
          },
          {
            "name": "1024646",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1024646"
          },
          {
            "name": "44468",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/44468"
          },
          {
            "name": "42011",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/42011"
          },
          {
            "name": "ADV-2010-2793",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2010/2793"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2010-10-27T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2010-11-06T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "68927",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/68927"
        },
        {
          "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
        },
        {
          "name": "1024646",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1024646"
        },
        {
          "name": "44468",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/44468"
        },
        {
          "name": "42011",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/42011"
        },
        {
          "name": "ADV-2010-2793",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2010/2793"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2010-3036",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "68927",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/68927"
            },
            {
              "name": "20101027 CiscoWorks Common Services Arbitrary Code Execution Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
            },
            {
              "name": "1024646",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1024646"
            },
            {
              "name": "44468",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/44468"
            },
            {
              "name": "42011",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/42011"
            },
            {
              "name": "ADV-2010-2793",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2010/2793"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2010-3036",
    "datePublished": "2010-10-29T18:00:00",
    "dateReserved": "2010-08-17T00:00:00",
    "dateUpdated": "2024-08-07T02:55:46.619Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2009-1161
Vulnerability from cvelistv5
Published
2009-05-21 14:00
Modified
2024-08-07 05:04
Severity ?
Summary
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
References
http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.htmlthird-party-advisory, x_refsource_JVNDB
http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtmlvendor-advisory, x_refsource_CISCO
http://www.securityfocus.com/bid/35040vdb-entry, x_refsource_BID
http://jvn.jp/en/jp/JVN62527913/index.htmlthird-party-advisory, x_refsource_JVN
http://osvdb.org/54616vdb-entry, x_refsource_OSVDB
http://securitytracker.com/id?1022263vdb-entry, x_refsource_SECTRACK
http://www.vupen.com/english/advisories/2009/1390vdb-entry, x_refsource_VUPEN
http://secunia.com/advisories/35179third-party-advisory, x_refsource_SECUNIA
Impacted products
Vendor Product Version
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:04:48.874Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "JVNDB-2009-000032",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVNDB",
              "x_transferred"
            ],
            "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
          },
          {
            "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
          },
          {
            "name": "35040",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/35040"
          },
          {
            "name": "JVN#62527913",
            "tags": [
              "third-party-advisory",
              "x_refsource_JVN",
              "x_transferred"
            ],
            "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
          },
          {
            "name": "54616",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/54616"
          },
          {
            "name": "1022263",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1022263"
          },
          {
            "name": "ADV-2009-1390",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2009/1390"
          },
          {
            "name": "35179",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/35179"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-05-20T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-06-04T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "JVNDB-2009-000032",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVNDB"
          ],
          "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
        },
        {
          "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
        },
        {
          "name": "35040",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/35040"
        },
        {
          "name": "JVN#62527913",
          "tags": [
            "third-party-advisory",
            "x_refsource_JVN"
          ],
          "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
        },
        {
          "name": "54616",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/54616"
        },
        {
          "name": "1022263",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1022263"
        },
        {
          "name": "ADV-2009-1390",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2009/1390"
        },
        {
          "name": "35179",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/35179"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-1161",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "JVNDB-2009-000032",
              "refsource": "JVNDB",
              "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
            },
            {
              "name": "20090520 CiscoWorks TFTP Directory Traversal Vulnerability",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
            },
            {
              "name": "35040",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/35040"
            },
            {
              "name": "JVN#62527913",
              "refsource": "JVN",
              "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
            },
            {
              "name": "54616",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/54616"
            },
            {
              "name": "1022263",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1022263"
            },
            {
              "name": "ADV-2009-1390",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2009/1390"
            },
            {
              "name": "35179",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/35179"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-1161",
    "datePublished": "2009-05-21T14:00:00",
    "dateReserved": "2009-03-26T00:00:00",
    "dateUpdated": "2024-08-07T05:04:48.874Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Vulnerability from fkie_nvd
Published
2009-05-21 14:30
Modified
2024-11-21 01:01
Severity ?
Summary
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors.
References
ykramarz@cisco.comhttp://jvn.jp/en/jp/JVN62527913/index.html
ykramarz@cisco.comhttp://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html
ykramarz@cisco.comhttp://osvdb.org/54616
ykramarz@cisco.comhttp://secunia.com/advisories/35179
ykramarz@cisco.comhttp://securitytracker.com/id?1022263
ykramarz@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtmlPatch, Vendor Advisory
ykramarz@cisco.comhttp://www.securityfocus.com/bid/35040
ykramarz@cisco.comhttp://www.vupen.com/english/advisories/2009/1390
af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN62527913/index.html
af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/54616
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/35179
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1022263
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/35040
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/1390
Impacted products
Vendor Product Version
cisco ciscoworks_common_services 3.0.3
cisco ciscoworks_common_services 3.0.4
cisco ciscoworks_common_services 3.0.5
cisco ciscoworks_common_services 3.0.6
cisco ciscoworks_common_services 3.1
cisco ciscoworks_common_services 3.1.1
cisco ciscoworks_common_services 3.2
cisco ciscoworks_health_and_utilization_monitor 1.0
cisco ciscoworks_health_and_utilization_monitor 1.1
cisco ciscoworks_lan_management_solution 2.5
cisco ciscoworks_lan_management_solution 2.6
cisco ciscoworks_lan_management_solution 3.0
cisco ciscoworks_lan_management_solution 3.1
cisco ciscoworks_qos_policy_manager 4.0
cisco ciscoworks_qos_policy_manager 4.1
cisco ciscoworks_voice_manager 3.0
cisco ciscoworks_voice_manager 3.1
cisco security_manager 3.0
cisco security_manager 3.1
cisco security_manager 3.2
cisco telepresence_readiness_assessment_manager 1.0
cisco unified_operations_manager 1.0
cisco unified_operations_manager 1.1
cisco unified_operations_manager 2.0
cisco unified_operations_manager 2.1
cisco unified_provisioning_manager 1.0
cisco unified_provisioning_manager 1.1
cisco unified_provisioning_manager 1.2
cisco unified_provisioning_manager 1.3
cisco unified_service_monitor 1.0
cisco unified_service_monitor 1.1
cisco unified_service_monitor 2.0
cisco unified_service_monitor 2.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.3:*:windows:*:*:*:*:*",
              "matchCriteriaId": "EFFC3AE9-1B61-44F8-938B-6363EDB2DD5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.4:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1BB12692-8BCD-4601-83AE-12F1AFD1EF03",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:windows:*:*:*:*:*",
              "matchCriteriaId": "1017A34C-A119-41D4-AE10-1E35FAFF0547",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:windows:*:*:*:*:*",
              "matchCriteriaId": "5399066A-658B-4494-A291-DB20E0CE7687",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "BD8374C6-D8A3-43CB-A9F7-8A71CD69BE9F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:windows:*:*:*:*:*",
              "matchCriteriaId": "DC455CA4-A1F7-4614-9A6F-ABCB0C9026E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:windows:*:*:*:*:*",
              "matchCriteriaId": "F5941482-DB47-49E8-90BA-650073C3A233",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CC556B9-7073-41E3-8099-00B796F8B68B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_health_and_utilization_monitor:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "87814504-DC6B-41CA-873E-F46B2F71A3FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB783DD2-C6B7-406B-9DC4-E1BC832D025C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57CBDA0C-EE71-459C-AFA1-9879C6727287",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A30B25F2-2DEB-4254-88DB-FA31AB6CA04D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_qos_policy_manager:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "F77163A8-3F2F-473F-B776-A155D94011DF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1F143B9-20B4-4140-805F-5F709290D6E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_voice_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "562CA8A8-C17E-4985-8EA0-E2CB61355FEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7BE4D6E7-9884-4C7B-BD40-F8C08E78E93A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "921F93B3-84A8-471B-9A3A-780C76BA3685",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC421340-135D-45AD-8E59-F1B62805ABEB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "C5510F4F-93C9-4722-97F5-37A05B48C23D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C73FD728-7A22-4248-B4DA-62AB2704A411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "930EA844-7016-4EC3-833D-70D1B1DE6DA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C453852A-D639-4872-B8FE-AE7E2BC019A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "4D4D4CAE-582C-47F5-A3D5-CC1D3BE00308",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0337CC9-B682-4135-B5C8-745B41474EBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_provisioning_manager:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "14FC0DD7-81A3-4294-ACA5-0F8B05E7CC49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A5A8958-B3DE-443B-921F-3AE25FFBF615",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "3B2F5BDC-A768-4A07-92A2-1C9DF484C3A7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6041F558-D641-4067-BBC8-EC23D0A1ED18",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "56101F5A-4099-4027-859D-07CFE598F1B5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, tambi\u00e9n utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a trav\u00e9s de vectores no especificados."
    }
  ],
  "id": "CVE-2009-1161",
  "lastModified": "2024-11-21T01:01:48.360",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-05-21T14:30:00.390",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://osvdb.org/54616"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://secunia.com/advisories/35179"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://securitytracker.com/id?1022263"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.securityfocus.com/bid/35040"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/1390"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN62527913/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/54616"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/35179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1022263"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/35040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/1390"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2010-10-29 19:00
Modified
2024-11-21 01:17
Severity ?
Summary
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References
ykramarz@cisco.comhttp://osvdb.org/68927
ykramarz@cisco.comhttp://secunia.com/advisories/42011Vendor Advisory
ykramarz@cisco.comhttp://securitytracker.com/id?1024646
ykramarz@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtmlPatch, Vendor Advisory
ykramarz@cisco.comhttp://www.securityfocus.com/bid/44468Patch
ykramarz@cisco.comhttp://www.vupen.com/english/advisories/2010/2793Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/68927
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/42011Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1024646
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/44468Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/2793Vendor Advisory
Impacted products
Vendor Product Version
cisco ciscoworks_common_services 3.0.5
cisco ciscoworks_common_services 3.0.6
cisco ciscoworks_common_services 3.1
cisco ciscoworks_common_services 3.1.1
cisco ciscoworks_common_services 3.2
cisco ciscoworks_common_services 3.3
cisco ciscoworks_lan_management_solution 2.6
cisco ciscoworks_lan_management_solution 3.0
cisco ciscoworks_lan_management_solution 3.0
cisco ciscoworks_lan_management_solution 3.1
cisco ciscoworks_lan_management_solution 3.2
cisco qos_policy_manager 4.0
cisco qos_policy_manager 4.0.1
cisco qos_policy_manager 4.0.2
cisco security_manager 3.0.2
cisco security_manager 3.2
cisco telepresence_readiness_assessment_manager 1.0
cisco unified_operations_manager 2.0.1
cisco unified_operations_manager 2.0.2
cisco unified_operations_manager 2.0.3
cisco unified_service_monitor 2.0.1


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "88AD3EC2-36B1-4E34-BD7F-B1D02B32178A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "5CC9C408-0BE2-45A6-ACB3-B9EBB22BC773",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "499CD64C-8692-4BE7-8F5E-5964ACDA1972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2152A29-7074-4659-AA8A-BB3E793ED4A6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "518309CD-F453-4B0B-8C1D-E534CE0E336B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_common_services:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "22DE1462-59AC-40BE-89DF-AB43CA3EC7BE",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:2.6:update:*:*:*:*:*:*",
              "matchCriteriaId": "3D8B4ED2-15B4-4FE1-A159-D6435B5DCA5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6CF9518-2D68-4E95-862B-54B622622B9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.0:december_2007:*:*:*:*:*:*",
              "matchCriteriaId": "D81D6312-9A3E-483D-BBFC-C7688B3872A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C446E75-5404-4875-AD94-DF953A7874FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:ciscoworks_lan_management_solution:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD8493C0-A3FF-473A-BFD5-DB6051AE8DCC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "1BEE8595-B861-4DAB-9708-B2DA30C36C77",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "96C5C060-E09E-4F28-9B87-0417DBFB9368",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:qos_policy_manager:4.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "83FCE4EC-B432-4768-BF3A-F1A29BD6B4B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "2F831EEB-A499-4C76-A085-52F3D750E0FD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:security_manager:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4686AD6B-CAB3-4CE5-9B13-D30613C614CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:telepresence_readiness_assessment_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "668AEB8D-4923-4EAE-A67A-979D7B816108",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DD2DF29A-4E30-442C-BB14-F22D955B112A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4CA03A21-13EF-476E-892B-D0A494779594",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_operations_manager:2.0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "107A78CC-8943-4D33-BE60-CBFC72FE405D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_service_monitor:2.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AA713155-3826-401C-88E6-5D556513877A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352."
    },
    {
      "lang": "es",
      "value": "Multiples desbordamientos de b\u00fafer en la funci\u00f3n de autenticaci\u00f3n en el m\u00f3dulo web-server de Cisco CiscoWorks Common Services anterior a v4.0 permite a los atacantes remotos ejecutar c\u00f3digo a su elecci\u00f3n a trav\u00e9s de sesiones TCP en el puerto (1) 443 o (2) 1741, tambi\u00e9n conocido como \"Bug ID CSCti41352\"."
    }
  ],
  "id": "CVE-2010-3036",
  "lastModified": "2024-11-21T01:17:55.163",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2010-10-29T19:00:02.013",
  "references": [
    {
      "source": "ykramarz@cisco.com",
      "url": "http://osvdb.org/68927"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42011"
    },
    {
      "source": "ykramarz@cisco.com",
      "url": "http://securitytracker.com/id?1024646"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/44468"
    },
    {
      "source": "ykramarz@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2793"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/68927"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/42011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1024646"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/44468"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2010/2793"
    }
  ],
  "sourceIdentifier": "ykramarz@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}