CVE-2010-0572

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus

SecuriTeam™
Beyond Security®

SecuriTeam™ Home
Ask the Team
Mailing Lists
Advertising Info
Blogs

	SecuriTeam™ in Your Inbox

	E-mail this CVE-2010-0572 to a friend

New vulnerability?
New tool?
Tell us

Credit:
The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20100303-dmm.shtml

Website Security Scan	Code Vulnerability Test	Network Assessment Tool
Detect hidden vulnerabilities	Exhaustive automated testing	Real-time, continuous security
Get guidance from professionals	of internal or 3rd party code.	scanning for your entire network

Check for CVE-2010-0572

Vulnerability Assessment and Management.
Automated Pen Testing for 50 to 50,000 nodes
beyondsecurity.com/vulnerability-scanner

Vulnerable Systems:
Cisco DMM version 5.1.X

Immune Systems:
Cisco DMM version 5.2

The Cisco DMM can be used to manage the Cisco Digital Media Player. The Cisco Digital Media Player is an IP-based endpoint that can play high-definition live and on-demand video, motion graphics, web pages, and dynamic content on digital displays.

A vulnerability exists in all Cisco DMM versions earler than 5.2 that could allow authenticated but unauthorized users to view Cisco Digital Media Player user credentials and LDAP credentials (if configured) in error log messages and stack traces.

This vulnerability is documented in Cisco Bug ID CSCtc46050 and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2010-0572.

Successful exploitation of this vulnerability could allow authenticated but unauthorized users to view Cisco Digital Media Player user credentials and LDAP credentials (if configured) in error log messages and stack traces.

CVE Information:
CVE-2010-0572

Disclosure Timeline:
2010.03.03: Release of this Advisory

Security News - Security Reviews - Exploits - Tools - UNIX Focus - Windows Focus