PT-2005-3821 · Avocent · Avocent Ccm Console Server

Dirk Wetter

Published

2005-09-19

Updated

2017-07-11

CVE-2005-2984

CVSS v2.0

4.6

Medium

Vector

AV:L/AC:L/Au:N/C:P/I:P/A:P

Name of the Vulnerable Software and Affected Versions Avocent CCM console server version 2.1 CCM4850

Description The issue allows remote authenticated attackers to bypass port restrictions. This can be achieved by connecting to the server via SSH and using the connect command to access the serial port.

Recommendations For Avocent CCM console server version 2.1 CCM4850, consider restricting access to the SSH connection and limiting the use of the connect command to authorized personnel only. As a temporary workaround, restrict access to the serial port until a patch is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2005-2984

Affected Products

Avocent Ccm Console Server

PT-2005-3821 · Avocent · Avocent Ccm Console Server

CVE-2005-2984

Related Identifiers

Affected Products

References · 6