English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 324607 CVE Beschreibungen
und 146377 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.105800
Kategorie:CISCO
Titel:Cisco Unified Computing System Platform Emulator Command Injection/Buffer Overflow Vulnerability
Zusammenfassung:Cisco Unified Computing System Platform Emulator is prone to multiple vulnerabilities
Beschreibung:Summary:
Cisco Unified Computing System Platform Emulator is prone to multiple vulnerabilities

Vulnerability Insight:
1.
A vulnerability in the Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to perform a command injection attack.
The vulnerability occurs because the affected system improperly handles ucspe-copy command-line arguments. An attacker could exploit this vulnerability by using crafted command arguments on the system. An exploit could allow the attacker to perform a command injection attack, which could allow the attacker to execute arbitrary commands on the system.

2.
A vulnerability in Cisco Unified Computing System (UCS) Platform Emulator could allow an authenticated, local attacker to trigger a heap-based buffer overflow on a targeted system.

The vulnerability occurs because the affected system improperly handles libclimeta.so filename arguments. An attacker could exploit this vulnerability by sending crafted filename arguments to the system. An exploit could allow the attacker to execute code on the system or cause a denial of service (DoS) condition.

Affected Software/OS:
Cisco Unified Computing System Platform Emulator < 3.1(1ePE1)

Solution:
Updates are available

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1340
Cisco Security Advisory: 20160414 Cisco Unified Computing System Platform Emulator Filename Argument Handling Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe2
http://www.securitytracker.com/id/1035582
Common Vulnerability Exposure (CVE) ID: CVE-2016-1339
Cisco Security Advisory: 20160414 Cisco Unified Computing System Platform Emulator Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160414-ucspe1
http://www.securitytracker.com/id/1035581
CopyrightCopyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.



© 1998-2025 E-Soft Inc. Alle Rechte vorbehalten.