CVE-2010-0138 – Cisco CiscoWorks IPM GIOP getProcessName Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0138

Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Windows, as distributed in CiscoWorks LAN Management Solution (LMS), allows remote attackers to execute arbitrary code via a malformed getProcessName CORBA General Inter-ORB Protocol (GIOP) request, related to a "third-party component," aka Bug ID CSCsv62350. Desbordamiento de búfer en Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 y versiones anteriores en Windows, tal y como se distrubuye en CiscoWorks LAN Management Solution (LMS), permite a atacantes remotos ejecutar código de su elección mediante una petición getProcessName CORBA General Inter-ORB Protocol (GIOP) malformada, relacionado con un "componente de terceros", también conocido como Bug ID CSCsv62350. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Cisco CiscoWorks Internetwork Performance Monitor. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of CORBA GIOP requests. By making a specially crafted getProcessName GIOP request an attacker can corrupt memory. • http://secunia.com/advisories/38230 http://securitytracker.com/id?1023484 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1351d.shtml http://www.securityfocus.com/bid/37879 http://www.vupen.com/english/advisories/2010/0184 http://www.zerodayinitiative.com/advisories/ZDI-10-004 https://exchange.xforce.ibmcloud.com/vulnerabilities/55768 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •