CVE-2009-1161
https://notcve.org/view.php?id=CVE-2009-1161
Directory traversal vulnerability in the TFTP service in Cisco CiscoWorks Common Services (CWCS) 3.0.x through 3.2.x on Windows, as used in Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager, and other products, allows remote attackers to access arbitrary files via unspecified vectors. Vulnerabilidad de salto de directorio en el servicio TFTP en Cisco CiscoWorks Common Services (CWCS) v3.0.x hasta v3.2.x en Windows, también utilizado en Cisco Unified Service Monitor, Security Manager, TelePresence Readiness Assessment Manager, Unified Operations Manager, Unified Provisioning Manager y otros productos, lo que permite atacantes remotos acceder a ficheros arbitrarios a través de vectores no especificados. • http://jvn.jp/en/jp/JVN62527913/index.html http://jvndb.jvn.jp/ja/contents/2009/JVNDB-2009-000032.html http://osvdb.org/54616 http://secunia.com/advisories/35179 http://securitytracker.com/id?1022263 http://www.cisco.com/en/US/products/products_security_advisory09186a0080ab7b56.shtml http://www.securityfocus.com/bid/35040 http://www.vupen.com/english/advisories/2009/1390 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2008-2054
https://notcve.org/view.php?id=CVE-2008-2054
Unspecified vulnerability in Cisco CiscoWorks Common Services 3.0.3 through 3.1.1 allows remote attackers to execute arbitrary code on a client machine via unknown vectors. Vulnerabilidad sin especificar en Cisco CiscoWorks Common Services 3.0.3 a la 3.1.1, permite a atacantes remotos ejecutar código arbitrario en una máquina cliente a través de vectores desconocidos. • http://secunia.com/advisories/30422 http://www.cisco.com/en/US/products/products_security_advisory09186a00809a1f14.shtml http://www.liquidmatrix.org/blog/2008/05/28/advisory-ciscoworks-arbitrary-code-execution-vulnerability http://www.securitytracker.com/id?1020127 http://www.vupen.com/english/advisories/2008/1687/references https://exchange.xforce.ibmcloud.com/vulnerabilities/42702 •