Title : CiscoWorks IPM Remote Shell Command Execution Vulnerability VUPEN ID : VUPEN/ADV-2008-0876 CVE ID : CVE-2008-1157
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-03-14
Technical Description
A vulnerability has been identified in CiscoWorks Internetwork Performance Monitor (IPM), which could be exploited by remote attackers to take complete control of an affected system. This issue is caused by a design error where the application contains a process that causes a command shell to automatically be bound to a randomly selected TCP port, which could be exploited by unauthenticated attackers to execute arbitrary commands with "casuser" privileges on Solaris systems and with "SYSTEM" privileges on Windows systems.
