Cisco Prime LAN Management Solution Command Execution Vulnerability

2013-01-09T16:00:00
ID CISCO-SA-20130109-LMS
Type cisco
Reporter Cisco
Modified 2013-01-23T20:31:22

Description

Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands sent to certain TCP ports. An attacker could exploit this vulnerability by connecting to the affected system and sending arbitrary commands.

Cisco has released software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130109-lms

Linux-based Cisco Prime LAN Management Solution (LMS) Virtual Appliance contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary commands with the privileges of the root user. The vulnerability is due to improper validation of authentication and authorization commands by the remote shell server (rshd) running on the affected system. An attacker could exploit this vulnerability by accessing the remote shell (rsh) service of the affected system and sending arbitrary commands.

Note: Only Linux-based Cisco Prime LMS Virtual Appliances are affected by this vulnerability. Cisco Prime LMS running on Windows or Solaris is not affected.

This vulnerability can be exploited over TCP port 514.
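As an added example (not part of the Cisco advisory), the following exposure check parses `netstat -tuln` output from a Linux host and reports TCP listeners on port 514, the rsh port named above. It assumes the classic net-tools column layout; the sample output is constructed, and the function and variable names are illustrative.

```python
import ipaddress

RSH_PORT = 514  # TCP port named in the advisory

# Constructed sample of `netstat -tuln` output (not captured from a real appliance).
SAMPLE_NETSTAT = """\
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:514             0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN
tcp        0      0 :::22                   :::*                    LISTEN
udp        0      0 0.0.0.0:514             0.0.0.0:*
"""


def is_loopback(host):
    """True only when the bind address is a loopback IP (127.0.0.0/8 or ::1)."""
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # e.g. "*" wildcard: treat as remotely reachable


def rsh_listeners(netstat_output):
    """Return (bind_address, remotely_reachable) for each TCP listener on 514."""
    found = []
    for line in netstat_output.splitlines():
        fields = line.split()
        # Keep TCP sockets in LISTEN state only. UDP 514 is conventionally
        # syslog, not rsh, and UDP rows carry no State column.
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        if fields[5] != "LISTEN":
            continue
        # Split on the last colon so IPv6 forms such as ":::514" parse correctly.
        host, _, port = fields[3].rpartition(":")
        if port != str(RSH_PORT):
            continue
        found.append((host, not is_loopback(host)))
    return found


if __name__ == "__main__":
    for addr, exposed in rsh_listeners(SAMPLE_NETSTAT):
        status = "reachable from the network" if exposed else "loopback only"
        print(f"TCP/{RSH_PORT} listener on {addr}: {status}")
```

A listener reported as reachable from the network on a Linux-based LMS Virtual Appliance indicates the service described in this advisory is exposed; a UDP-only entry on port 514 does not.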