CiscoWorks Nessus scan yellow vulnerability issue

Answered Question
Jul 22nd, 2009

Hi,

Nessus scan reports yellow Vulnerability for our CiscoWorks server:

x.x.x.x (ip address of CiscoWorks server) YELLOW Sybase ASA Client Connection Broadcast Remote

Information Disclosure Locate service enabled on Sybase server

sybaseanywhere 2638

If anyone knows the status for this issue, please let me know.

We have the following CiscoWorks products and version:

(LMS 2.6)

CiscoWorks Common Services 3.0.6

Campus Manager 4.0.6

CiscoView 6.1.5

Device Fault Manager 2.0.11

Internetwork Performance 2.6.0

Resource Manager Essentials 4.0.5

Your help would be greatly appreciated.

Thanks.

GY (Gongyuan Yao)

Contractor (LHC Network Support)

[email protected] 301-435-3168(o)

240-417-1488 (c)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Gongyuan Yao Mon, 07/27/2009 - 06:43

Thanks a lot for the response. Great help.

Last Question:

According to the discussions before, this bug (ticket sk35018) will not be fixed (jclarke). Is it true? if it is not true, can you let me know which LMS rel can fix this one? LMS3.1 or LMS 3.2.

Thanks.

gy

yjdabear Mon, 07/27/2009 - 10:18

Yes, you read it correctly: The takeaway is Sybase has told Cisco LMS is not really considered vulnerable, so no fix is needed nor provided.

fuadsubkhi87 Wed, 10/10/2012 - 23:05

hi,

i'm also having the same problem with my ciscoworks LMS 3.2. any update on work around or fix?. btw why we need to enable broadcast listening for sybase.

Actions

This Discussion