一、 漏洞 CVE-2011-0364 基础信息

# N/A

## 漏洞概述
Cisco Security Agent 的 Management Console (webagent.exe) 存在一个漏洞，该漏洞允许远程攻击者通过精心构造的 st_upload 请求中的未指定参数创建任意文件并执行任意代码。

## 影响版本
- Cisco Security Agent 5.1
- Cisco Security Agent 5.2
- Cisco Security Agent 6.0 before 6.0.2.145

## 漏洞细节
Management Console 组件 (webagent.exe) 在处理 st_upload 请求时存在漏洞。攻击者可以通过精心构造的未指定参数来创建任意文件并执行任意代码。

## 影响
此漏洞使得远程攻击者能够绕过常规权限控制，创建任意文件并在受感染系统上执行任意代码，从而导致系统被完全控制。

二、漏洞 CVE-2011-0364 的公开POC

三、漏洞 CVE-2011-0364 的情报信息

• http://www.zerodayinitiative.com/advisories/ZDI-11-088 x_refsource_MISC
• http://securityreason.com/securityalert/8197 third-party-advisory x_refsource_SREASON
• http://securityreason.com/securityalert/8205 third-party-advisory x_refsource_SREASON
• http://securityreason.com/securityalert/8095 third-party-advisory x_refsource_SREASON
• http://secunia.com/advisories/43383 third-party-advisory x_refsource_SECUNIA
• http://www.securityfocus.com/bid/46420 vdb-entry x_refsource_BID
• http://secunia.com/advisories/43393 third-party-advisory x_refsource_SECUNIA
• http://www.securitytracker.com/id?1025088 vdb-entry x_refsource_SECTRACK
• http://www.vupen.com/english/advisories/2011/0424 vdb-entry x_refsource_VUPEN
• https://exchange.xforce.ibmcloud.com/vulnerabilities/65436 vdb-entry x_refsource_XF
• http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6cee6.shtml vendor-advisory x_refsource_CISCO
• http://www.securityfocus.com/archive/1/516505/100/0/threaded mailing-list x_refsource_BUGTRAQ
• https://nvd.nist.gov/vuln/detail/CVE-2011-0364