This vulnerability is fixed in Cisco Unified Communications Manager versions 8.5(1), 8.0(3), 7.1(5)su1, and 6.1(5)su2.
The third SIP DoS vulnerability is documented in Cisco Bug ID CSCtg62855 ( registered customers only) and has been assigned CVE identifier CVE-2011-1606. This vulnerability is fixed in Cisco Unified Communications Manager versions 8.5(1), 8.0(3), 7.1(5b)su2, and 6.1(5)su2. The second SIP DoS vulnerability is documented in Cisco Bug ID CSCth39586 ( registered customers only) and has been assigned CVE identifier CVE-2011-1605. This vulnerability is fixed in Cisco Unified Communications Manager versions 8.5(1), 8.0(3a)su2, 7.1(5b)su3, and 6.1(5)su3. The first SIP DoS vulnerability is documented in Cisco Bug ID CSCti42904 ( registered customers only) and has been assigned Common Vulnerabilities and Exposures (CVE) identifier CVE-2011-1604. All SIP ports (TCP ports 50 and UDP ports 50) are affected. Each vulnerability is triggered by a malformed SIP message that could cause a critical process to fail, resulting in the disruption of voice services. DoS Vulnerabilities in SIPĬisco Unified Communications Manager contains three DoS vulnerabilities that involve the processing of SIP messages. Cisco Unified Communications Manager is the call processing component of the Cisco IP Telephony solution that extends enterprise telephony features and functions to packet telephony network devices such as IP phones, media processing devices, VoIP gateways, and multimedia applications.
0 kommentar(er)
