CERT-In Vulnerability Note CIVN-2010-06
CiscoWorks Internetwork Performance Monitor Remote Buffer Overflow Vulnerability

Original Issue Date: February 03, 2010

Severity Rating: High

System Affected

  • CiscoWorks Internetwork Performance Monitor (IPM) versions earlier than 2.6 Base

Overview

CiscoWorks Internetwork Performance Monitor (IPM) versions prior to 2.6, for Microsoft Windows operating systems, contain a buffer overflow vulnerability that could allow a remote unauthenticated attacker to execute arbitrary code.

Description

CiscoWorks IPM is a troubleshooting application that gauges network response time and availability.

A vulnerability has been reported in CiscoWorks Internetwork Performance Monitor (IPM) that could allow an unauthenticated, remote attacker to execute arbitrary code with SYSTEM privileges.

The vulnerability exists because of a buffer overflow error when processing malformed Common Object Request Broker Architecture (CORBA) General Inter-ORB Protocol (GIOP) requests. An unauthenticated, remote attacker can send a specially crafted CORBA GIOP request to trigger a buffer overflow in the Internetwork Performance Monitor (IPM) and execute arbitrary code on the target system with SYSTEM privileges.
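
This note does not say which part of the GIOP request is malformed. As an added example (not from CERT-In or Cisco), the Python check below applies generic sanity rules to the 12-byte GIOP message header, the kind of validation a monitoring tool can run on reassembled messages in front of a CORBA service. The accepted versions, the size limit and the sample messages are assumptions made for the example.

```python
import struct

HEADER_LEN = 12  # magic(4) version(2) flags(1) type(1) size(4)
MSG_TYPES = {0: "Request", 1: "Reply", 2: "CancelRequest", 3: "LocateRequest",
             4: "LocateReply", 5: "CloseConnection", 6: "MessageError",
             7: "Fragment"}
VERSIONS = {(1, 0), (1, 1), (1, 2)}  # assumption: versions this site expects
MAX_BODY = 64 * 1024                 # assumption: local policy limit


def check_giop(msg, max_body=MAX_BODY):
    """Return a list of anomalies in one reassembled GIOP message (bytes)."""
    if len(msg) < HEADER_LEN:
        return ["truncated header"]
    magic, major, minor, flags, msg_type = struct.unpack_from(">4sBBBB", msg)
    if magic != b"GIOP":
        return ["bad magic"]
    issues = []
    if (major, minor) not in VERSIONS:
        issues.append("unexpected version %d.%d" % (major, minor))
    if msg_type not in MSG_TYPES:
        issues.append("unknown message type %d" % msg_type)
    elif msg_type == 7 and (major, minor) == (1, 0):
        issues.append("Fragment is not defined in GIOP 1.0")
    # Bit 0 of the flags octet gives the byte order of message_size:
    # 0 = big-endian, 1 = little-endian.
    order = "<" if flags & 0x01 else ">"
    (declared,) = struct.unpack_from(order + "I", msg, 8)
    actual = len(msg) - HEADER_LEN
    if declared != actual:
        issues.append("declared size %d != body length %d" % (declared, actual))
    if declared > max_body:
        issues.append("declared size %d exceeds limit %d" % (declared, max_body))
    return issues


# Constructed sample messages (not captured traffic).
SAMPLES = {
    "well_formed": b"GIOP\x01\x00\x00\x00" + struct.pack(">I", 4) + b"\x00" * 4,
    "little_endian": b"GIOP\x01\x02\x01\x00" + struct.pack("<I", 4) + b"\x00" * 4,
    "size_mismatch": b"GIOP\x01\x00\x00\x00" + struct.pack(">I", 0x00100000) + b"\x00" * 4,
    "not_giop": b"HTTP/1.1 200 OK\r\n",
}

if __name__ == "__main__":
    for name, msg in SAMPLES.items():
        print(name, check_giop(msg) or "ok")
```

A clean result from this check only means the header is self-consistent; it is not a substitute for applying the vendor patch.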

Solution

Apply the appropriate patch as mentioned in the Cisco Security Advisory.

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20100120-ipm.shtml

References

CISCO
http://tools.cisco.com/security/center/viewAlert.x?alertId=19722

VUPEN
http://www.vupen.com/english/advisories/2010/0184

Securitytracker
http://securitytracker.com/alerts/2010/Jan/1023484.html

CVE Name
CVE-2010-0138

Disclaimer

The information provided herein is on an "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003