Cisco TelePresence Multipoint Switch < 1.7.0 Multiple Vulnerabilities (cisco-sa-20110223-telepresence-ctms)

NASLDB: Cisco TelePresence Multipoint Switch < 1.7.0 Multiple Vulnerabilities (cisco-sa-20110223-telepresence-ctms)

General

ID: 60139
Name: Cisco TelePresence Multipoint Switch < 1.7.0 Multiple Vulnerabilities (cisco-sa-20110223-telepresence-ctms)

Summary: Checks CTMS version number

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Port: 443
Family: CGI abuses
Type: Remote

Description

According to its self-reported version number, the version of Cisco
TelePresence Multipoint Switch running on the remote host is earlier
than 1.7.0 and, therefore, has the following vulnerabilities:

– Servlets used to perform administrative actions are
accessible without authentication. (CVE-2011-0383,
CVE-2011-0384, CVE-2011-0387)

– Unauthenticated attackers can upload files to arbitrary
locations. (CVE-2011-0385)

– An unauthenticated attacker on the same network segment
could send a malicious Cisco Discovery Protocol packet,
resulting in a buffer overflow. (CVE-2011-0379)

– Java RMI access is not properly restricted, which could
allow an unauthenticated, remote attacker to cause a
denial of service. (CVE-2011-0388)

– Receiving a malicious RTCP packet could cause the
call control process to crash. (CVE-2011-0389)

A remote, unauthenticated attacker could potentially exploit the most
severe of these vulnerabilities to take complete control of the host.