CiscoWorks Nessus scan yellow vulnerability issue

Answered Question
Jul 22nd, 2009
User Badges:

Hi,

Nessus scan reports yellow Vulnerability for our CiscoWorks server:

x.x.x.x (ip address of CiscoWorks server) YELLOW Sybase ASA Client Connection Broadcast Remote

Information Disclosure Locate service enabled on Sybase server

sybaseanywhere 2638


If anyone knows the status for this issue, please let me know.


We have the following CiscoWorks products and version:

(LMS 2.6)

CiscoWorks Common Services 3.0.6

Campus Manager 4.0.6

CiscoView 6.1.5

Device Fault Manager 2.0.11

Internetwork Performance 2.6.0

Resource Manager Essentials 4.0.5


Your help would be greatly appreciated.

Thanks.


GY (Gongyuan Yao)

Contractor (LHC Network Support)

[email protected] 301-435-3168(o)

240-417-1488 (c)




  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Gongyuan Yao Mon, 07/27/2009 - 06:43
User Badges:

Thanks a lot for the response. Great help.

Last Question:

According to the discussions before, this bug (ticket sk35018) will not be fixed (jclarke). Is it true? if it is not true, can you let me know which LMS rel can fix this one? LMS3.1 or LMS 3.2.

Thanks.

gy

yjdabear Mon, 07/27/2009 - 10:18
User Badges:
  • Gold, 750 points or more

Yes, you read it correctly: The takeaway is Sybase has told Cisco LMS is not really considered vulnerable, so no fix is needed nor provided.

fuadsubkhi87 Wed, 10/10/2012 - 23:05
User Badges:

hi,

i'm also having the same problem with my ciscoworks LMS 3.2. any update on work around or fix?. btw why we need to enable broadcast listening for sybase.

Actions

This Discussion