Detections
Analytics
CiscoWorks Internetwork Performance Monitor CORBA GIOP Overflow
critical Nessus Plugin ID 69447
Language:
Synopsis
The remote host has an application installed that is affected by a buffer overflow vulnerability.Description
The version of CiscoWorks Internetwork Performance Monitor installed on the remote Windows host is less than or equal to 2.6. Such versions are potentially affected by a buffer overflow vulnerability when processing Common Object Request Broker Architecture GIOP requests. By exploiting this flaw, a remote, unauthenticated attacker could execute arbitrary code subject to the privileges of the user running the affected application.Solution
Contact the vendor for instructions on migrating to non-vulnerable software.See Also
https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20100120-ipm.html
Plugin Details
Severity: Critical
ID: 69447
File Name: ciscoworks_ipm_20100120.nasl
Version: 1.7
Type: local
Agent: windows
Family: Windows
Published: 8/22/2013
Updated: 9/26/2019
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:cisco:ciscoworks_internetwork_performance_monitor
Required KB Items: SMB/Registry/Enumerated
Exploit Ease: No known exploits are available
Patch Publication Date: 1/20/2010
Vulnerability Publication Date: 1/20/2010
Reference Information
CVE: CVE-2010-0138
BID: 37879
CWE: 119