what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 2 of 2 RSS Feed

CVE-2010-3037

Status Candidate

Overview

goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and possibly Unified Videoconferencing System 3545 and 5230, Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway, Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway, and Unified Videoconferencing 3515 Multipoint Control Unit (MCU), allows remote authenticated administrators to execute arbitrary commands via the username field, related to a "shell command injection vulnerability," aka Bug ID CSCti54059.

Related Files

Cisco Unified Videoconferencing Command Injection / Various Issues
Posted Nov 18, 2010
Authored by Florent Daigniere | Site trustmatta.com

Cisco Unified Videoconferencing system versions 3515,3522,3527,5230,3545,5110 and 5115 suffer from hard-coded credential, service misconfiguration, weak session ID, cookie storing of credentials, command injection and weak obfuscation vulnerabilities.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2010-3037, CVE-2010-3038
SHA-256 | 34574a022d1b743eb1e6b83e30eab653ab9cf93cb2d80db1668e365bd9c2323f
Cisco Security Response 20101117-cuvc
Posted Nov 17, 2010
Authored by Cisco Systems | Site cisco.com

This is the Cisco Product Security Incident Response Team (PSIRT) response to a posting entitled "Cisco Unified Videoconferencing multiple vulnerabilities" by Florent Daigniere of Matta Consulting regarding vulnerabilities in the Cisco Unified Videoconferencing (Cisco UVC) 5100 series products. Several of the vulnerabilities also impact Cisco Unified Videoconferencing 5200 and 3500 Series Products.

tags | advisory, vulnerability
systems | cisco
advisories | CVE-2010-3037, CVE-2010-3038
SHA-256 | 69ff03ff2b451e16c8342723ca698a082590a674746e6fb250333321452c49ba
Page 1 of 1
Back1Next

File Archive:

October 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    39 Files
  • 2
    Oct 2nd
    23 Files
  • 3
    Oct 3rd
    18 Files
  • 4
    Oct 4th
    20 Files
  • 5
    Oct 5th
    0 Files
  • 6
    Oct 6th
    0 Files
  • 7
    Oct 7th
    17 Files
  • 8
    Oct 8th
    0 Files
  • 9
    Oct 9th
    0 Files
  • 10
    Oct 10th
    0 Files
  • 11
    Oct 11th
    0 Files
  • 12
    Oct 12th
    0 Files
  • 13
    Oct 13th
    0 Files
  • 14
    Oct 14th
    0 Files
  • 15
    Oct 15th
    0 Files
  • 16
    Oct 16th
    0 Files
  • 17
    Oct 17th
    0 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close