CVE-2010-3036
CiscoWorks Common Services - Remote Code Execution via Authentication Buffer Overflow
Title source: llmDescription
Multiple buffer overflows in the authentication functionality in the web-server module in Cisco CiscoWorks Common Services before 4.0 allow remote attackers to execute arbitrary code via a session on TCP port (1) 443 or (2) 1741, aka Bug ID CSCti41352.
References (6)
Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/68927
Patch, Vendor Advisory vendor-advisory
x_refsource_cisco
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b51501.shtml
Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1024646
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/44468
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/42011
Vendor Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2010/2793
Scores
EPSS
0.0599
EPSS Percentile
92.5%
Details
CWE
CWE-119
Status
published
Products (20)
cisco/ciscoworks_common_services
3.0.5
cisco/ciscoworks_common_services
3.0.6
cisco/ciscoworks_common_services
3.1
cisco/ciscoworks_common_services
3.1.1
cisco/ciscoworks_common_services
3.2
cisco/ciscoworks_common_services
3.3
cisco/ciscoworks_lan_management_solution
2.6 update
cisco/ciscoworks_lan_management_solution
3.0 (2 CPE variants)
cisco/ciscoworks_lan_management_solution
3.1
cisco/ciscoworks_lan_management_solution
3.2
... and 10 more
Published
Oct 29, 2010
Tracked Since
Feb 18, 2026