Vulnerability Bulletins

int(3628)

Vulnerability Bulletins

Desbordamiento de búfer en Cisco Security Agent para Windows
Vulnerability classification
Property	Value
Confidence level	Oficial
Impact	Obtener acceso
Dificulty	Experto
Required attacker level	Acceso remoto sin cuenta a un servicio estandar
System information
Property	Value
Affected manufacturer	Networking
Affected software	Cisco Security Agent for Windows
Description
Se ha encontrado una vulnerabilidad del tipo desbordamiento de búfer en Cisco Security Agent. La vulnerabilidad reside en la forma en que manipula segmentos TCP destinados a los puertos 139 y 445. Un atacante remoto con una sesión TCP establecida podría ejecutar código arbitrario con privilegios administrativos o causar una denegación de servicio del sistema Windows
Solution
Actualización de software Cisco Managed Cisco Security Agents 4.5.1 / Hotfix 4.5.1.672 Managed Cisco Security Agents 5.0 / Hotfix 5.0.0.225 Managed Cisco Security Agents 5.1 / Hotfix 5.1.0.106 Managed Cisco Security Agents 5.2 / Hotfix 5.2.0.238 http://www.cisco.com/pcgi-bin/tablebuild.pl/csahf-crypto?psrtdcat20e2 Cisco Security Agent for Cisco IP Communications Products 4.5.1 / CUCM-CSA-4.5.1.672-2.0.7-k9.exe Cisco Security Agent for Cisco IP Communications Products 5.0 / CUCM-CSA-5.0.0.225-3.0.7-k9.exe http://www.cisco.com/pcgi-bin/tablebuild.pl/cmva-3des?psrtdcat20e2 Cisco Security Agent for Cisco Security Manager / Hotfix fcs-csamc-hotfix-5.2.0.238-w2k3-k9-CSM.zip http://www.cisco.com/pcgi-bin/tablebuild.pl/csm-app?psrtdcat20e2
Standar resources
Property	Value
CVE	CVE-2007-5580
BID
Other resources
Cisco Security Advisory (cisco-sa-20071205-csa) http://www.cisco.com/warp/public/707/cisco-sa-20071205-csa.shtml

Version history
Version	Comments	Date
1.0	Aviso emitido	2007-12-07

Vulnerability Bulletins

Desbordamiento de búfer en Cisco Security Agent para Windows

Vulnerability classification

System information

Description

Solution

Standar resources

Other resources

Version history