Zero Day Initiative Advisory 10-235 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the HandleUpgradeTrace packet type the process blindly copies user supplied data into a fixed-length buffer on the stack. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.
9de8bb9db58f410cba9f36172a081300ab267f70973d774a19e17e9ea6340d92
Zero Day Initiative Advisory 10-234 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the HandleQueryNodeInfoReq packet type the process blindly copies user supplied data into a fixed-length stack buffer. A remote attacker can abuse this to execute arbitrary code under the context of the SYSTEM user.
5cbe58ed34ad87f5aa93ba702ac61a1010bb216f9a520eba2e46f3cc66f199dd
Zero Day Initiative Advisory 10-233 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco Unified ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When handling the AgentUpgrade packet type the process blindly copies user supplied data to a fixed-length stack buffer. A remote attacker can abuse this to execute arbitrary code under the context of the SYSTEM user.
f50c89a735b8698ea7dd36a66c0253764cc5959089d83e80471d5b21e1d4798e
Zero Day Initiative Advisory 10-232 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco ICM. Authentication is not required to exploit this vulnerability. The flaw exists within the Agent.exe component which listens by default on TCP port 40078. When processing the HandleUpgradeAll packet type an unchecked copy of user supplied data is performed into a stack-based buffer of a controlled size. Successful exploitation of this vulnerability leads to remote code execution under the context of the SYSTEM user.
5e8f7b4cf0626e9ad39c153ec1a730efb4b2a13bd3b067d33125483afe17ff21