Cisco Systems released a security update meant to close three vulnerabilities in one of its network monitoring products.
The San Jose Calif.based company released an advisory to its customers warning of the flaws in its CSMARS (Cisco Security Monitoring Analysis and Response System) and is offering clients a patch update that promises to close the loopholes.
The issues are related to the software's interaction with thirdparty applications and revolve around the program's CLI (command line interface) the company said.
The problems occur when the monitoring software is used in conjunction with several products from other vendors specifically Oracle's database applications and the open source JBoss Web application server both of which are shipped bundled together with CSMARS.
In the case of the Oracle issue Cisco said that the database software contains several default accounts with wellknown passwords that could allow outsiders to gain access to information in the system if they are aware of the login information which was originally distributed by Oracle.
The affected information contained in the database potentially includes authentication credentials for network devices such as firewalls routers and IPS devices and the details of network security events Cisco said.
The company said that its CSMARS appliance offers additional hardening to prevent local and remote unauthorized access to the database but that as a precaution the database accounts have now been disabled to prevent potential attacks.
The CSMARS application does not use the default Oracle database accounts the firm reported.
With JBoss Web application server the networking giant said that a component of the software's installation may allow a remote unauthenticated user to execute arbitrary shell commands with the privileges of a legitimate administrator.
The third security glitch directly involves the CLI which Cisco said contains several vulnerabilities that could allow authenticated administrators to execute arbitrary shell commands with root privileges.
The CLI is described by the company as a restricted shell environment meant to allow administrators to perform system maintenance tasks.
If exploited the privilege escalation vulnerabilities could allow shell commands to be executed on the underlying appliance operating system with root privileges according to bulletin.
Cisco contends that all three of the vulnerabilities were corrected with the release of the newly patched version of the package dubbed CSMARS software version ...
The networking market leader was forced to issue three other security patches earlier this year that addressed denialofservice vulnerabilities in multiple products. Cisco issued two separate updates for its Cisco Call Manager the softwarebased callprocessing component of the Cisco IP telephony service along with a patch for a Cisco IOS flaw.
Other security vendors have also been forced to update their products to close vulnerabilities in recent months.
In early June antivirus market leader Symantec released a fix for a highrisk worm hole in two enterprisefacing product lines.
Symantec described the issue as a stack overflow affecting Symantec Client Security and Symantec AntiVirus Corporate Edition two product suites targeted at business and government customers.