Detections
Analytics
Cisco CiscoWorks Internetwork Performance Monitor Remote Command Execution
critical Nessus Plugin ID 33946
Language:
Synopsis
The remote service allows execution of arbitrary commands.Description
CiscoWorks Internetwork Performance Monitor (IPM) is a troubleshooting application that gauges network response time and availability. It is available as a component within the CiscoWorks LAN Management Solution (LMS) bundle.CiscoWorks IPM version 2.6 for Sun Solaris and Microsoft Windows operating systems contains a process that causes a command shell to automatically be bound to a randomly selected TCP port.
Remote, unauthenticated users are able to connect to the open port and execute arbitrary commands with 'casuser' privileges on Solaris systems and with SYSTEM privileges on Windows systems.
Solution
Upgrade to IPM version 2.6 and apply the CSCsj06260 patch.See Also
http://www.cisco.com/warp/public/707/cisco-sa-20080313-ipm.shtml
http://www.cisco.com/pcgi-bin/tablebuild.pl/ipm-sol?psrtdcat20e2
Plugin Details
Severity: Critical
ID: 33946
File Name: ciscoworks_ipm.nbin
Version: 1.75
Type: remote
Family: CISCO
Published: 8/19/2008
Updated: 7/17/2024
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: High
Score: 7.4
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.8
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 3/13/2008
Vulnerability Publication Date: 3/13/2008
Exploitable With
CANVAS (D2ExploitPack)
Reference Information
CVE: CVE-2008-1157
BID: 28249
CWE: 20