受影响系统:
Cisco Cisco Security Agent Cisco Security Agent 6.0.1.132
Cisco Cisco Security Agent Cisco Security Agent 6.0(2.099
Cisco Cisco Security Agent Cisco Security Agent 6.0(1.126
Cisco Cisco Security Agent Cisco Security Agent 6.0
Cisco Cisco Security Agent Cisco Security Agent 5.2.0.296
Cisco Cisco Security Agent Cisco Security Agent 5.2 .285
Cisco Cisco Security Agent Cisco Security Agent 5.2
Cisco Cisco Security Agent Cisco Security Agent 5.1.0.117
Cisco Cisco Security Agent Cisco Security Agent 5.1 .79
Cisco Cisco Security Agent Cisco Security Agent 5.1
不受影响系统:
Cisco Cisco Security Agent Cisco Security Agent 6.0.2.145
描述:
Cisco Security Agent为服务器和桌面计算系统提供威胁保护。Cisco Security Agent
可以在单机模式中工作或由Management Center for Cisco Security Agent管理。
Cisco Security Agent在实现上存在远程代码执行漏洞,远程攻击者可以利用此漏洞修改代理策略和系统配置,执行其他管理任务,造成完全控制受影响设备和拒绝服务攻击。
<*来源:Gerry Eisenhaur
链接:http://www.cisco.com/warp/public/707/cisco-sa-20110216-csa.shtml
*>
建议:
厂商补丁:
Cisco
—–
Cisco已经为此发布了一个安全公告(cisco-sa-20110216-csa)以及相应补丁:
cisco-sa-20110216-csa:Management Center for Cisco Security Agent Remote Code Execution Vulnerability
链接:http://www.cisco.com/warp/public/707/cisco-sa-20110216-csa.shtml
0 条评论。