Cisco IBM Director agent fails to authenticate users for remote administration.
Cisco voice products (e.g. CallManager, IP Interactive Voice Response, IP Call Center Express) that run on IBM servers install IBM Director agent to provide administrative management. The default installation of the IBM Director agent does not require authentication for performing remote administration.
A remote attacker could perform administrative functions without authenticating.
Quoting the Cisco Advisory:
Apply Cisco Repair Script
2. The repair script secures the Director agent such that even if port 14247 is reenabled, the Director agent still would not accept connections from any Director Server.
3. The Director Agent executable files which are not necessary to the functioning of the program, yet provide high levels of access or control, are completely disabled by this repair script.
This was reported by the Cisco Systems Product Security Incident Response Team (PSIRT).
This document was written by Damon Morda.
|Date First Published:||2004-01-22|
|Date Last Updated:||2004-01-23 20:36 UTC|