CVE-2011-2738: Buffer Overflow
First published: Sat Sep 17 2011(Updated: )
Multiple unspecified vulnerabilities in Cisco Unified Service Monitor before 8.6, as used in Unified Operations Manager before 8.6 and CiscoWorks LAN Management Solution 3.x and 4.x before 4.1; and multiple EMC Ionix products including Application Connectivity Monitor (Ionix ACM) 2.3 and earlier, Adapter for Alcatel-Lucent 5620 SAM EMS (Ionix ASAM) 3.2.0.2 and earlier, IP Management Suite (Ionix IP) 8.1.1.1 and earlier, and other Ionix products; allow remote attackers to execute arbitrary code via crafted packets to TCP port 9002, aka Bug IDs CSCtn42961 and CSCtn64922, related to a buffer overflow.
Credit: security_alert@emc.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| EMC Ionix IP | <=8.1.1.1 | |
| EMC Ionix ACM | <=2.3 | |
| EMC Ionix ASAM | <=3.2.0.2 | |
| Cisco Unified Service Monitor | <=8.5 | |
| Cisco Unified Service Monitor | =1.1 | |
| Cisco Unified Service Monitor | =2.0 | |
| Cisco Unified Service Monitor | =2.0.1 | |
| Cisco Unified Service Monitor | =2.1 | |
| Cisco Unified Service Monitor | =2.2 | |
| Cisco Unified Service Monitor | =2.3 | |
| Cisco Unified Service Monitor | =8.0 | |
| Cisco Ciscoworks LAN Management Solution | =3.0 | |
| Cisco Ciscoworks LAN Management Solution | =3.0-december_2007 | |
| Cisco Ciscoworks LAN Management Solution | =3.1 | |
| Cisco Ciscoworks LAN Management Solution | =3.2 | |
| Cisco Ciscoworks LAN Management Solution | =4.0 | |
| Cisco Ciscoworks LAN Management Solution | =4.0.1 | |
| Cisco Unified Operations Manager | <=8.5 | |
| Cisco Unified Operations Manager | =1.0 | |
| Cisco Unified Operations Manager | =1.1 | |
| Cisco Unified Operations Manager | =2.0 | |
| Cisco Unified Operations Manager | =2.0.1 | |
| Cisco Unified Operations Manager | =2.0.2 | |
| Cisco Unified Operations Manager | =2.0.3 | |
| Cisco Unified Operations Manager | =2.1 | |
| Cisco Unified Operations Manager | =2.2 | |
| Cisco Unified Operations Manager | =2.3 | |
| Cisco Unified Operations Manager | =8.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351f.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080b9351e.shtml
- http://secunia.com/advisories/45979
- http://www.osvdb.org/75442
- http://secunia.com/advisories/46016
- http://www.securityfocus.com/bid/49644
- http://www.securitytracker.com/id?1026059
- http://secunia.com/advisories/46053
- http://www.securitytracker.com/id?1026047
- http://www.securitytracker.com/id?1026048
- http://www.securitytracker.com/id?1026046
- http://www.securityfocus.com/bid/49627
- http://secunia.com/advisories/46052
- https://exchange.xforce.ibmcloud.com/vulnerabilities/69828
- http://www.securityfocus.com/archive/1/519646/100/0/threaded
Frequently Asked Questions
What is the severity of CVE-2011-2738?
The CVE-2011-2738 vulnerability has a moderate severity rating due to its potential risk of unauthorized access and exposure of sensitive data.
What versions are affected by CVE-2011-2738?
CVE-2011-2738 affects multiple versions of Cisco Unified Service Monitor prior to 8.6, CiscoWorks LAN Management Solution 3.x and 4.x before 4.1, and various EMC Ionix products.
How do I fix CVE-2011-2738?
To fix CVE-2011-2738, upgrade Cisco Unified Service Monitor to version 8.6 or later, and ensure that all affected EMC Ionix products are updated to their latest available versions.
What types of products are impacted by CVE-2011-2738?
CVE-2011-2738 impacts Cisco Unified Service Monitor, Unified Operations Manager, Ciscoworks LAN Management Solution, and several EMC Ionix products.
Is CVE-2011-2738 actively exploited in the wild?
As of the latest updates, there is no public information indicating that CVE-2011-2738 is actively being exploited in the wild.
- collector/nvd-historical
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/author
- agent/references
- agent/severity
- agent/weakness
- agent/first-publish-date
- agent/description
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/emc
- canonical/emc ionix ip
- version/emc ionix ip/8.1.1.1
- canonical/emc ionix acm
- version/emc ionix acm/2.3
- canonical/emc ionix asam
- version/emc ionix asam/3.2.0.2
- vendor/cisco
- canonical/cisco unified service monitor
- version/cisco unified service monitor/8.5
- version/cisco unified service monitor/1.1
- version/cisco unified service monitor/2.0
- version/cisco unified service monitor/2.0.1
- version/cisco unified service monitor/2.1
- version/cisco unified service monitor/2.2
- version/cisco unified service monitor/2.3
- version/cisco unified service monitor/8.0
- canonical/cisco ciscoworks lan management solution
- version/cisco ciscoworks lan management solution/3.0
- version/cisco ciscoworks lan management solution/3.0-december_2007
- version/cisco ciscoworks lan management solution/3.1
- version/cisco ciscoworks lan management solution/3.2
- version/cisco ciscoworks lan management solution/4.0
- version/cisco ciscoworks lan management solution/4.0.1
- canonical/cisco unified operations manager
- version/cisco unified operations manager/8.5
- version/cisco unified operations manager/1.0
- version/cisco unified operations manager/1.1
- version/cisco unified operations manager/2.0
- version/cisco unified operations manager/2.0.1
- version/cisco unified operations manager/2.0.2
- version/cisco unified operations manager/2.0.3
- version/cisco unified operations manager/2.1
- version/cisco unified operations manager/2.2
- version/cisco unified operations manager/2.3
- version/cisco unified operations manager/8.0