Vulnerabilities > CVE-2011-2738 - Remote Code Execution vulnerability in Multiple Cisco Products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
Vulnerable Configurations
Nessus
| NASL family | CGI abuses |
| NASL id | CISCO_UOM_8_6.NASL |
| description | According to its self-reported version number, the version of Cisco Unified Operations Manager on the remote host has multiple vulnerabilities : - Multiple reflected XSS. (CVE-2011-0959, CVE-2011-0961, CVE-2011-0962) - Multiple blind SQL injections. (CVE-2011-0960) - A directory traversal in auditLog.do. (CVE-2011-0966) - An unspecified code execution vulnerability. (CVE-2011-2738) |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 56485 |
| published | 2011-10-13 |
| reporter | This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/56485 |
| title | Cisco Unified Operations Manager < 8.6 Multiple Vulnerabilities |
References
- http://secunia.com/advisories/45979
- http://secunia.com/advisories/46016
- http://secunia.com/advisories/46052
- http://secunia.com/advisories/46053
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml
- http://www.osvdb.org/75442
- http://www.securityfocus.com/archive/1/519646/100/0/threaded
- http://www.securityfocus.com/bid/49627
- http://www.securityfocus.com/bid/49644
- http://www.securitytracker.com/id?1026046
- http://www.securitytracker.com/id?1026047
- http://www.securitytracker.com/id?1026048
- http://www.securitytracker.com/id?1026059
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69828