CVE-2008-1157

Name of the Vulnerable Software and Affected Versions Cisco CiscoWorks Internetwork Performance Monitor (IPM) version 2.6

Description The issue allows remote attackers to execute arbitrary commands due to a process created by Cisco CiscoWorks Internetwork Performance Monitor (IPM) that executes a command shell and listens on a randomly chosen TCP port.

Recommendations For Cisco CiscoWorks Internetwork Performance Monitor (IPM) version 2.6, consider disabling the process that executes the command shell until a patch is available. Restrict access to the TCP port used by the process to minimize the risk of exploitation.