Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:20241
HistoryNov 10, 2010 - 12:00 a.m.

Cisco ICM Setup Manager Agent.exe组件多个远程溢出漏洞

2010-11-1000:00:00
Root
www.seebug.org
22

0.703 High

EPSS

Percentile

97.7%

JSON

BUGTRAQ ID: 44699
CVE ID: CVE-2010-3040

Cisco Unified Intelligent Contact Management(ICM)是思科统一通信系统的一个重要组成部分,提供了一套集成功能,允许企业部署一个混合了多个通信渠道的解决方案。

Cisco ICM中的Agent.exe组件没有正确地处理HandleUpgradeAll、AgentUpgrade、 HandleQueryNodeInfoReq和HandleUpgradeTrace类型报文,远程攻击者可以通过向默认监听的TCP 40078端口发送恶意报文触发栈溢出,导致以当前用户权限执行任意代码。

Cisco Cisco Intelligent Contact Manager 6.0
Cisco Cisco Intelligent Contact Manager 5.0
厂商补丁:

Cisco

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://tools.cisco.com/security/center/viewAlert.x?alertId=21726

Related

securityvulns 5
zdi 4
prion 1
cve 1
securityvulns
securityvulns
ZDI-10-234: Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability
2010-11-09 00:00:00
ZDI-10-235: Cisco ICM Setup Manager Agent.exe HandleUpgradeTrace Remote Code Execution Vulnerability
2010-11-09 00:00:00
Cisco ICM Setup Manager multiple security vulnerabilities
2010-11-09 00:00:00
zdi
zdi
Cisco ICM Setup Manager Agent.exe AgentUpgrade Remote Code Execution Vulnerability
2010-11-07 00:00:00
Cisco ICM Setup Manager Agent.exe HandleQueryNodeInfoReq Remote Code Execution Vulnerability
2010-11-07 00:00:00
Cisco ICM Setup Manager Agent.exe HandleUpgradeTrace Remote Code Execution Vulnerability
2010-11-07 00:00:00
prion
prion
Stack overflow
2010-11-09 21:00:00
cve
cve
CVE-2010-3040
2010-11-09 21:00:00

0.703 High

EPSS

Percentile

97.7%

JSON
Related for SSV:20241
securityvulns5zdi4prion1cve1