思科产品两个不明细节漏洞

发布日期:2011-09-15
更新日期:2011-09-15

受影响系统:
Cisco Unified Operations Manager (CUOM) 8.x
Cisco Unified Service Monitor (CUSM) 8.x
Cisco CiscoWorks Prime LAN Management Solution (LMS) 4.x
描述:
--------------------------------------------------------------------------------
CVE ID: CVE-2011-2738

cisco思科系统公司(Cisco Systems, Inc.)是互联网解决方案的领先提供者,其设备和软件产品主要用于连接计算机网络系统。

多个思科产品在实现上存在两个不明细节漏洞,恶意用户可利用这些漏洞控制受影响系统。

通过发送到TCP端口9002的特制报文可触发此漏洞。

<*来源:AbdulAziz Hariri
 
  链接:http://secunia.com/advisories/45979/
        http://www.cisco.com/warp/public/707/cisco-sa-20110914-lms.shtml
        http://www.cisco.com/warp/public/707/cisco-sa-20110914-cusm.shtml
*>

建议:
--------------------------------------------------------------------------------
厂商补丁:

Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20110914-cusm)以及相应补丁:

cisco-sa-20110914-cusm:Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities

链接:http://www.cisco.com/warp/public/707/cisco-sa-20110914-cusm.shtml

相关推荐