[cisco-voip] Cisco Vulnerability?

Scott Voll svoll.voip at gmail.com
Fri May 30 10:19:03 EDT 2008


This came out on the 14th:

Scott

****************************************************

Message Type : Security Advisory

Title: Cisco Security Advisory: Cisco Unified Presence Denial of Service
Vulnerabilities

URL:

http://www.cisco.com/en/US/customer/products/products_security_advisory09186a0080995682.shtml
(available to registered users)

http://www.cisco.com/en/US/products/products_security_advisory09186a0080995682.shtml
(available to non-registered users)

Posted: May 14, 2008

Summary: Cisco Unified Presence contains three denial of service (DoS)
vulnerabilities that may cause an interruption in presence services. These
vulnerabilities were discovered internally by Cisco, and there are no
workarounds.

Cisco has released free software updates that address these vulnerabilities.

This email has been sent to scott.voll at wesd.org.

You are receiving this notice because you subscribed to the Cisco Product
Alert Tool (PAT) and created the following profile(s):

Cisco alerts

Subscribe/unsubscribe instructions :

If you choose not to receive these notices, or if you would like to make
changes to your notification profile, please go to:

http://tools.cisco.com/Support/PAT/do/ViewMyProfiles.do?local=en



And this:

**********************************************************************

Message Type : Security Advisory

Title: Cisco Security Advisory: Cisco Unified Communications Manager Denial
of Service Vulnerabilities

URL:

http://www.cisco.com/en/US/customer/products/products_security_advisory09186a0080995688.shtml
(available to registered users)

http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml
(available to non-registered users)

Posted: May 14, 2008

Summary: Cisco Unified Communications Manager, formerly Cisco CallManager,
contains multiple denial of service (DoS) vulnerabilities that may cause an
interruption in voice services, if exploited. These vulnerabilities were
discovered internally by Cisco. The following Cisco Unified Communications
Manager services are affected:

Certificate Trust List (CTL) Provider

Certificate Authority Proxy Function (CAPF)

Session Initiation Protocol (SIP)

Simple Network Management Protocol (SNMP) Trap

Cisco has released free software updates that address these vulnerabilities.
Workarounds that mitigate some of these vulnerabilities are available.

And this:

*******************************************************************

Message Type : Security Advisory

Title: Cisco Security Advisory: Cisco Content Switching Module Memory Leak
Vulnerability

URL:

http://www.cisco.com/en/US/customer/products/products_security_advisory09186a0080995684.shtml
(available to registered users)

http://www.cisco.com/en/US/products/products_security_advisory09186a0080995684.shtml
(available to non-registered users)

Posted: May 14, 2008

Summary: The Cisco Content Switching Module (CSM) and Cisco Content
Switching Module with SSL (CSM-S) contain a memory leak vulnerability that
can result in a denial of service condition. The vulnerability exists when
the CSM or CSM-S is configured for layer 7 load balancing. An attacker can
trigger this vulnerability when the CSM or CSM-S processes TCP segments with
a specific combination of TCP flags while servers behind the CSM/CSM-S are
overloaded and/or fail to accept a TCP connection.

Cisco has released free software updates that address this vulnerability.


On Fri, May 30, 2008 at 5:06 AM, Miller, Steve <MillerS at dicksteinshapiro.com>
wrote:

>  A colleague sent me this "heads up".  Does anyone know about how real
> this risk is?
>
> "This is from the CERTStation Newswire - not sure if it applies to what we
> have, passing along just in case.
>
> Network appliance vendor Cisco has reported several vulnerabilities in its
> Unified Presence and Unified Communications Manager products. The bugs can
> be exploited for denial of service attacks. The Content Switching Module
> also contains such vulnerability. When the module is configured for layer 7
> load balancing this allows TCP packets containing certain unspecified flags
> to trigger memory leaks. As a consequence, the system is paralyzed if the
> module is unable to make balancing decisions because the servers behind it
> are overloaded. The flaw has been fixed in software version 4.2.9.
> Administrators can find suggestions about how to make their devices secure
> without software updates in Cisco's security advisories. In addition, Cisco
> has made software updates available for registered users. Administrators are
> advised to download and install the updates at their earliest convenience."
>
> *Steve Miller*
> Telecom Engineer
> Dickstein Shapiro LLP
> 1825 Eye Street NW | Washington, DC 20006
> Tel (202) 420-3370| Fax (202) 330-5607
> MillerS at dicksteinshapiro.com