CVE-2010-3036

CiscoWorks Common Services - Remote Code Execution via Authentication Buffer Overflow

Title source: llm
STIX 2.1

Description

Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/68927
Patch, Vendor Advisory vendor-advisory x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1024646
Patch vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/44468
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42011
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2793

Scores

EPSS 0.0599
EPSS Percentile 92.5%

Details

CWE
CWE-119
Status published
Products (20)
cisco/ciscoworks_common_services 3.0.5
cisco/ciscoworks_common_services 3.0.6
cisco/ciscoworks_common_services 3.1
cisco/ciscoworks_common_services 3.1.1
cisco/ciscoworks_common_services 3.2
cisco/ciscoworks_common_services 3.3
cisco/ciscoworks_lan_management_solution 2.6 update
cisco/ciscoworks_lan_management_solution 3.0 (2 CPE variants)
cisco/ciscoworks_lan_management_solution 3.1
cisco/ciscoworks_lan_management_solution 3.2
... and 10 more
Published Oct 29, 2010
Tracked Since Feb 18, 2026