CVE-2008-3820 Information

Description

Cisco Security Manager 3.1 and 3.2 before 3.2.2 when Cisco IPS Event Viewer (IEV) is used exposes TCP ports used by the MySQL daemon and IEV server which allows remote attackers to obtain \root access\ to IEV via unspecified use of TCP sessions to these ports.

Reference

http://secunia.com/advisories/33633 http://www.cisco.com/en/US/products/products_security_advisory09186a0080a6192a.shtml http://www.securityfocus.com/bid/33381 http://www.securitytracker.com/id?1021619 http://www.vupen.com/english/advisories/2009/0214 https://exchange.xforce.ibmcloud.com/vulnerabilities/48134