CiscoWorks Internetwork Performance Monitor (IPM) version 2.6 for Sun Solaris and Microsoft Windows operating systems contains a vulnerability that allows remote, unauthenticated users to execute arbitrary commands. There are no workarounds for this vulnerability. Cisco has made free software available to address this issue for affected customers.

http://www.securiteam.com/securitynews/5SP0F1PNPM.html