CVE-2011-0379

Summary

CVE	CVE-2011-0379
State	PUBLISHED
Assigner	cisco
Source Priority	CVE Program / NVD first with legacy fallback
Published	2011-02-25 12:00:18 UTC
Updated	2026-04-29 01:13:23 UTC
Description	Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote attackers to execute arbitrary code via a crafted Cisco Discovery Protocol packet, aka Bug IDs CSCtd75769, CSCtd75766, CSCtd75754, and CSCtd75761.

Risk And Classification

Primary CVSS: v2.0 7.9 from [email protected]

AV:A/AC:M/Au:N/C:C/I:C/A:C

Problem Types: CWE-119 | n/a

CVSS v2.0 Breakdown

Access Vector

Adjacent

Access Complexity

Medium

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

AV:A/AC:M/Au:N/C:C/I:C/A:C

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Hardware	Cisco	5500 Series Adaptive Security Appliance	All	All	All	All
Application	Cisco	Adaptive Security Appliance Software	1.6.0	All	All	All
Hardware	Cisco	Asa 5500	All	All	All	All
Hardware	Cisco	Telepresence Multipoint Switch	All	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.0.4.0	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.1.0	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.1.1	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.1.2	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.0	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.1	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.2	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.3	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.4	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.5	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.5.6	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.6.0	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.6.1	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.6.2	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.6.3	All	All	All
Application	Cisco	Telepresence Multipoint Switch Software	1.6.4	All	All	All
Hardware	Cisco	Telepresence System 1000	All	All	All	All
Hardware	Cisco	Telepresence System 1100	All	All	All	All
Application	Cisco	Telepresence System Software	1.2.3	All	All	All
Application	Cisco	Telepresence System Software	1.3.2	All	All	All
Application	Cisco	Telepresence System Software	1.4.7	All	All	All
Application	Cisco	Telepresence System Software	1.5.1	All	All	All
Application	Cisco	Telepresence System Software	1.5.10	All	All	All
Application	Cisco	Telepresence System Software	1.5.11	All	All	All
Application	Cisco	Telepresence System Software	1.5.12	All	All	All
Application	Cisco	Telepresence System Software	1.5.13	All	All	All
Application	Cisco	Telepresence System Software	1.5.3	All	All	All
Application	Cisco	Telepresence System Software	1.6.0	All	All	All
Application	Cisco	Telepresence System Software	1.6.2	All	All	All
Application	Cisco	Telepresence System Software	1.6.3	All	All	All
Application	Cisco	Telepresence System Software	1.6.4	All	All	All
Application	Cisco	Telepresence System Software	1.6.5	All	All	All
Application	Cisco	Telepresence System Software	1.6.6	All	All	All
Application	Cisco	Telepresence System Software	1.6.7	All	All	All
Application	Cisco	Telepresence System Software	1.6.8	All	All	All

Vendor Declared Affected Products

Source	Vendor	Product	Version	Platforms
CNA	Na	N/a	affected n/a	Not specified

References

Reference	Source	Link	Tags
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch - Cisco Systems	af854a3a-2127-422b-91ae-364da2661108	www.cisco.com	Vendor Advisory
Cisco Systems - Redirect to	af854a3a-2127-422b-91ae-364da2661108	www.cisco.com	Vendor Advisory
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Endpoint Devices - Cisco Systems	af854a3a-2127-422b-91ae-364da2661108	www.cisco.com	Vendor Advisory
Cisco TelePresence Endpoint Devices Have Flaws That Let Remote Users Deny Service and Execute Arbitrary Commands and Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
Cisco TelePresence Multipoint Switch Flaws Let Remote Users Deny Service and Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server - Cisco Systems	af854a3a-2127-422b-91ae-364da2661108	www.cisco.com	Vendor Advisory
Cisco TelePresence Manager Bugs Let Remote Users Invoke SOAP Methods, Inject Arbitrary Commands, and Execute Arbitrary Code - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
Cisco TelePresence Recording Server Bugs Let Remote Users Deny Service and Take Full Control of the Target Device - SecurityTracker	af854a3a-2127-422b-91ae-364da2661108	www.securitytracker.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.