This script is Copyright (C) 2008-2013 Tenable Network Security, Inc.
The remote service allows execution of arbitrary commands.
CiscoWorks Internetwork Performance Monitor (IPM) is a troubleshooting
application that gauges network response time and availability. It is
available as a component within the CiscoWorks LAN Management Solution
CiscoWorks IPM version 2.6 for Sun Solaris and Microsoft Windows
operating systems contains a process that causes a command shell to
automatically be bound to a randomly selected TCP port.
Remote, unauthenticated users are able to connect to the open port and
execute arbitrary commands with 'casuser' privileges on Solaris
systems and with SYSTEM privileges on Windows systems.
See also :
Upgrade to IPM version 2.6 and apply the CSCsj06260 patch.
Risk factor :
Critical / CVSS Base Score : 10.0
CVSS Temporal Score : 7.8
Public Exploit Available : true