微慑信息网

CVE-2008-1157-漏洞详情

CVE-2008-1157
CVSS 10.0
发布时间 :2008-03-14 16:44:00
修订时间 :2011-03-07 22:06:02
NMCOPS    

[原文]Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 creates a process that executes a command shell and listens on a randomly chosen TCP port, which allows remote attackers to execute arbitrary commands.


[CNNVD]CiscoWorks Internetwork Performance Monitor shell绑定远程命令执行漏洞(CNNVD-200803-230)

        CiscoWorks IPM是可测量网络响应时间和可用性的故障检测应用。


        Solaris和Windows平台上的的IPM 2.6版中的一个进程可导致将命令shell自动绑定到随机选择的TCP端口上,未经认证的远程用户可以连接到开放的端口上并在Solaris系统上以casuser权限或在Windows系统上以SYSTEM权限执行任意命令。


CVSS (基础分值)

CVSS分值: 10 [严重(HIGH)]
机密性影响: COMPLETE [完全的信息泄露导致所有系统文件暴露]
完整性影响: COMPLETE [系统完整性可被完全破坏]
可用性影响: COMPLETE [可能导致系统完全宕机]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: NETWORK [攻击者不需要获取内网访问权或本地访问权]
身份认证: NONE [漏洞利用无需身份认证]


CWE (弱点类目)

CWE-20 [输入验证不恰当]


CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用


OVAL (用于检测的技术细节)

未找到相关OVAL定义


官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1157

(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1157

(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-200803-230

(官方数据源) CNNVD


其它链接及资源

http://www.securityfocus.com/bid/28249


(PATCH)  BID  28249
http://www.cisco.com/warp/public/707/cisco-sa-20080313-ipm.shtml


(VENDOR_ADVISORY)  CISCO  20080313 CiscoWorks Internetwork Performance Monitor Remote Command Execution Vulnerability
http://xforce.iss.net/xforce/xfdb/41208


(UNKNOWN)  XF  cisco-ciscoworks-ipm-command-execution(41208)
http://www.vupen.com/english/advisories/2008/0876/references


(UNKNOWN)  VUPEN  ADV-2008-0876
http://www.securitytracker.com/id?1019611


(UNKNOWN)  SECTRACK  1019611
http://secunia.com/advisories/29376


(VENDOR_ADVISORY)  SECUNIA  29376


漏洞信息

CiscoWorks Internetwork Performance Monitor shell绑定远程命令执行漏洞
危急 输入验证
2008-03-14 00:00:00 2008-09-05 00:00:00
远程  
        CiscoWorks IPM是可测量网络响应时间和可用性的故障检测应用。


        Solaris和Windows平台上的的IPM 2.6版中的一个进程可导致将命令shell自动绑定到随机选择的TCP端口上,未经认证的远程用户可以连接到开放的端口上并在Solaris系统上以casuser权限或在Windows系统上以SYSTEM权限执行任意命令。


公告与补丁

        目前厂商已经发布了升级补丁以修复这个安全问题,补丁下载链接:


        http://www.cisco.com/warp/public/707/cisco-sa-20080313-ipm.shtml


        http://www.cisco.com/pcgi-bin/tablebuild.pl/ipm-sol?psrtdcat20e2


漏洞信息 (F64562)

Cisco Security Advisory 20080313-ipm (PacketStormID:F64562)

2008-03-13 00:00:00
Cisco Systems  cisco.com

advisory,remote,arbitrary

cisco,windows,solaris

CVE-2008-1157

[点击下载]

Cisco Security Advisory – CiscoWorks Internetwork Performance Monitor (IPM) version 2.6 for Sun Solaris and Microsoft Windows operating systems contains a vulnerability that allows remote, unauthenticated users to execute arbitrary commands. There are no workarounds for this vulnerability.


漏洞信息


42960
CiscoWorks Internetwork Performance Monitor (IPM) Remote Arbitrary Command Execution

Remote / Network Access

Input Manipulation
Loss of Integrity Patch / RCS
Exploit Commercial Vendor Verified


漏洞描述


时间线


2008-03-13

Unknow
Unknow Unknow


解决方案

Currently, there are no known workarounds or upgrades to correct this issue. However, Cisco has released a patch to address this vulnerability.


相关参考


漏洞作者

Unknown or Incomplete


漏洞信息

Cisco CiscoWorks Internetwork Performance Monitor Unspecified Remote Command Execution Vulnerability

Input Validation Error

28249
Yes No
2008-03-13 12:00:00 2008-03-14 10:11:00

The vendor reported this issue.


受影响的程序版本

Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6


漏洞讨论

Cisco Internetwork Performance Monitor (IPM) is prone to a remote command execution vulnerability.



An attacker can exploit this issue to execute arbitrary commands with 'casuser' privileges on Solaris and SYSTEM-level privileges on Windows. Successfully exploiting this issue will result in the complete compromise of affected computers.



This issue affects IPM 2.6.


漏洞利用

Currently we are not aware of any exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected]


解决方案

The vendor released an advisory and fixes. Please see the referenced advisory for details.




相关参考

本文标题:CVE-2008-1157-漏洞详情
本文链接:
(转载请附上本文链接)
http://vulsee.com/archives/vulsee_2019/0713_3337.html
转载请附本站链接,未经允许不得转载,,谢谢:微慑信息网-VulSee.com » CVE-2008-1157-漏洞详情
分享到: 更多 (0)

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址

微慑信息网 专注工匠精神

访问我们联系我们