Cisco CiscoWorks Internetwork Performance Monitor Remote Command Execution

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.

Synopsis :

The remote service allows execution of arbitrary commands.

Description :

CiscoWorks Internetwork Performance Monitor (IPM) is a troubleshooting
application that gauges network response time and availability. It is
available as a component within the CiscoWorks LAN Management Solution
(LMS) bundle.

CiscoWorks IPM version 2.6 for Sun Solaris and Microsoft Windows
operating systems contains a process that causes a command shell to
automatically be bound to a randomly selected TCP port.

Remote, unauthenticated users are able to connect to the open port and
execute arbitrary commands with 'casuser' privileges on Solaris
systems and with SYSTEM privileges on Windows systems.

See also :

Solution :

Upgrade to IPM version 2.6 and apply the CSCsj06260 patch.

Risk factor :

Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 33946 ()

Bugtraq ID: 28249

CVE ID: CVE-2008-1157

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial