Solved: CiscoWorks Nessus scan yellow vulnerability issue

Gongyuan Yao · ‎07-22-2009

Hi,

Nessus scan reports yellow Vulnerability for our CiscoWorks server:

x.x.x.x (ip address of CiscoWorks server) YELLOW Sybase ASA Client Connection Broadcast Remote

Information Disclosure Locate service enabled on Sybase server

sybaseanywhere 2638

If anyone knows the status for this issue, please let me know.

We have the following CiscoWorks products and version:

(LMS 2.6)

CiscoWorks Common Services 3.0.6

Campus Manager 4.0.6

CiscoView 6.1.5

Device Fault Manager 2.0.11

Internetwork Performance 2.6.0

Resource Manager Essentials 4.0.5

Your help would be greatly appreciated.

Thanks.

GY (Gongyuan Yao)

Contractor (LHC Network Support)

yaog2@mail.nih.gov 301-435-3168(o)

240-417-1488 (c)

yjdabear · ‎07-23-2009

This is CSCsk35018:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk35018

The following two discussions will shed additional light on top of what the Bug Tool provides:

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cc0b896/4#selected_message

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&topicID=.ee71a02&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cbec487

View solution in original post

yjdabear · ‎07-23-2009

This is CSCsk35018:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsk35018

The following two discussions will shed additional light on top of what the Bug Tool provides:

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40^1%40%40.2cc0b896/4#selected_message

http://forum.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Network%20Infrastructure&topic=Network%20Management&topicID=.ee71a02&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cbec487

Gongyuan Yao · ‎07-27-2009

Thanks a lot for the response. Great help.

Last Question:

According to the discussions before, this bug (ticket sk35018) will not be fixed (jclarke). Is it true? if it is not true, can you let me know which LMS rel can fix this one? LMS3.1 or LMS 3.2.

Thanks.

gy

yjdabear · ‎07-27-2009

Yes, you read it correctly: The takeaway is Sybase has told Cisco LMS is not really considered vulnerable, so no fix is needed nor provided.

fuadsubkhi87 · ‎10-10-2012

hi,

i'm also having the same problem with my ciscoworks LMS 3.2. any update on work around or fix?. btw why we need to enable broadcast listening for sybase.

Gongyuan Yao · ‎10-11-2012

No. this issue has not been solved so far as I know. Thx.