Users of Cisco Unified Intelligent Contact Management please be advised of a Remote Code Execution vulnerability that has been identified.
To view this vulnerability, possible remedies, and others please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx)
Amplify’d from www.criticalwatch.com
ZDI-10-232: [ZDI-10-232] Cisco ICM Setup Manager Agent.exe HandleUpgradeAll Remote Code Execution Vulnerability
-- Affected Products:
Cisco Unified Intelligent Contact Management
-- Vulnerability Details:
This vulnerability allows remote attackers to execute arbitrary code on
vulnerable installations of Cisco ICM. Authentication is not required to
exploit this vulnerability.
The flaw exists within the Agent.exe component which listens by default
on TCP port 40078. When processing the HandleUpgradeAll packet type an
unchecked copy of user supplied data is performed into a stack-based
buffer of a controlled size. Successful exploitation of this
vulnerability leads to remote code execution under the context of the
SYSTEM user.Read more at www.criticalwatch.com
See this Amp at http://amplify.com/u/ex4p

No comments:
Post a Comment