Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Unified Communications Manager shell characters vulnerability
Published:09.11.2010
Source:
SecurityVulns ID:11245
Type:local
Threat Level:
5/10
Description:Shell characters vulnerability in /usr/local/cm/bin/pktCap_protectData suid binary.
Affected:CISCO : Unified Communications Manager 6.1
 CISCO : Unified Communications Manager 7.1
 CISCO : Unified Communications Manager 8.0
CVE:CVE-2010-3039 (/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930.)
Original documentdocumentHenri Lindberg, nSense-2010-003: Cisco Unified Communications Manager (09.11.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod