CVE-2010-3036

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
10 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:C/I:C/A:C
ciscoCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
VendorProductVersion
ciscociscoworks_common_services
3.0.5
ciscociscoworks_common_services
3.0.6
ciscociscoworks_common_services
3.1
ciscociscoworks_common_services
3.1.1
ciscociscoworks_common_services
3.2
ciscociscoworks_common_services
3.3
ciscociscoworks_lan_management_solution
2.6:update
ciscociscoworks_lan_management_solution
3.0
ciscociscoworks_lan_management_solution
3.0:december_2007
ciscociscoworks_lan_management_solution
3.1
ciscociscoworks_lan_management_solution
3.2
ciscoqos_policy_manager
4.0
ciscoqos_policy_manager
4.0.1
ciscoqos_policy_manager
4.0.2
ciscosecurity_manager
3.0.2
ciscosecurity_manager
3.2
ciscotelepresence_readiness_assessment_manager
1.0
ciscounified_operations_manager
2.0.1
ciscounified_operations_manager
2.0.2
ciscounified_operations_manager
2.0.3
ciscounified_service_monitor
2.0.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://osvdb.org/68927
http://secunia.com/advisories/42011
http://securitytracker.com/id?1024646
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
http://www.securityfocus.com/bid/44468
http://www.vupen.com/english/advisories/2010/2793
http://osvdb.org/68927
http://secunia.com/advisories/42011
http://securitytracker.com/id?1024646
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
http://www.securityfocus.com/bid/44468
http://www.vupen.com/english/advisories/2010/2793