Priveon Labs Security Blog

 
« Automating Cisco Security Agent Deployment - Part 4 (Agent Deployment)Don't touch that! It's Hot! - Or, your F1 Key is the enemy. »

Cisco Unified Communication Manager (Former Call Manager) Denial of Service - cisco-sa-20100303-cucm

03/04/10

Permalink 12:45:05 am, by Zach Brewer, 110 words
Categories: Security Advisories, General Security, Cisco Security

Cisco Unified Communication Manager (Former Call Manager) Denial of Service - cisco-sa-20100303-cucm

Denial of Service (DoS) vulnerabilities have been identified in Cisco Unified Communication Manager (formerly known as Cisco CallManager).  Exploitation is accomplished with either malformed CTI Manager Messages, malformed SIP Message Vulnerabilities, and/or malformed SCCP Message Vulnerabilities.  Products affected include:

  • Cisco Unified Communications Manager 4.x
  • Cisco Unified Communications Manager 5.x
  • Cisco Unified Communications Manager 6.x
  • Cisco Unified Communications Manager 7.x

Customers are urged to upgrade to 4.3(2)SR2, 6.1(5), 7.1(3b)SU2, or 8.0(1).  Note: Cisco Unified Communications Manager version 5.1 reached the End of Software Maintenance on February 13, 2010.  Software can be obtained on Cisco's website (a CCO ID and valid contract are both required) Details:

http://www.cisco.com/warp/public/707/cisco-sa-20100303-cucm.shtml

PermalinkPermalink

Priveon, Inc.

Today's complex security and networking solutions require a great deal of knowledge to successfully support and operate. Priveon uses the field experience of its expert staff to develop and maintain a positive reinforcement loop between business practices and to provide the latest information to our customers. The information posted here is supported by Priveon subject-matter experts.

Search

Categories

XML Feeds

What is RSS?

Archives