Published: 21/07/2006 Updated: 20/07/2017

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Multiple unspecified vulnerabilities in the Command Line Interface (CLI) for Cisco Security Monitoring, Analysis and Response System (CS-MARS) prior to 4.2.1, allow local CS-MARS administrators to execute arbitrary commands as root.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco cs-mars 4.1.5
cisco cs-mars 4.1.2
cisco cs-mars 4.1.3
cisco cs-mars 4.1

#!/usr/bin/perl # # Cisco/Protego CS-MARS < 421 remote command execution, system compromise # via insecure JBoss installation # # Fully functional POC code by Jon Hart <jhart@spoofedorg> # # Addressed in CSCse47646 # # CS-MARS is an event correlation product orginally written by Protego, # which is now owned by Cisco It is built on ...

NVD-CWE-Other http://www.cisco.com/warp/public/707/cisco-sa-20060719-mars.shtml http://www.securityfocus.com/bid/19071 http://www.securityfocus.com/bid/19077 http://securitytracker.com/id?1016537 http://secunia.com/advisories/21118 http://www.vupen.com/english/advisories/2006/2887 https://exchange.xforce.ibmcloud.com/vulnerabilities/27812 https://nvd.nist.gov https://www.exploit-db.com/exploits/2048/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2006-3734

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect