Remote Command Execution Vulnerability in Cisco Catalyst Series 6000, 6500, and 7600
CVE-2007-1257

Currently unrated

Key Information:

Vendor: Cisco
Status: Network Analysis Module
Vendor: CVE Published:; 3 March 2007

Summary

The Network Analysis Module (NAM) in Cisco Catalyst 6000, 6500, and 7600 Series contains a vulnerability that allows remote attackers to execute arbitrary commands. This is achieved by sending specially crafted SNMP packets that appear to originate from the module's own IP address. This exploit can lead not only to unauthorized access but also to potential control and manipulation of network devices.

References

http://www.cisco.com/warp/public/707/cisco-sa-20070228-na...

vendor-advisoryx_refsource_CISCO

http://www.kb.cert.org/vuls/id/472412

third-party-advisoryx_refsource_CERT-VN

http://www.vupen.com/english/advisories/2007/0783

vdb-entryx_refsource_VUPEN

Timeline

Vulnerability published
Mar 3, 2007
Vulnerability Reserved
Mar 3, 2007