Vulnerability Bulletins |
Ejecución de código en Cisco CiscoWorks Common Services |
|
Vulnerability classification |
|
| Property | Value |
| Confidence level | Oficial |
| Impact | Obtener acceso |
| Dificulty | Experto |
| Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
| Property | Value |
| Affected manufacturer | Networking |
| Affected software | Cisco CiscoWorks Common Services 3.0.3 - 3.1.1 |
Description |
|
|
Se ha descubierto una vulnerabilidad en Cisco CiscoWorks Common Services 3.0.3 hasta la versión 3.1.1. La vulnerabilidad reside en un error no especificado. Un atacante remoto podría ejecutar código arbitrario mediante métodos no especificados. |
|
Solution |
|
|
Actualización de software Cisco CiscoWorks Common Services version 3.2 / Solaris / patch cwcs3.x-sol-CSCsm77245-0.tar.gz CiscoWorks Common Services version 3.2 / Windows / patch cwcs3.x-win-CSCsm77245-0.zip http://www.cisco.com/pcgi-bin/tablebuild.pl/cw2000-cd-one |
|
Standar resources |
|
| Property | Value |
| CVE | CVE-2008-2054 |
| BID | |
Other resources |
|
|
Cisco Security Advisory (cisco-sa-20080528-cw) http://www.cisco.com/warp/public/707/cisco-sa-20080528-cw.shtml |
|
Version history |
||
| Version | Comments | Date |
| 1.0 | Aviso emitido | 2008-06-10 |