Multiple Vulnerabilities in Cisco TelePresence Video Communication Server and Cisco Expressway Software
Advisory ID: cisco-sa-20141015-vcs
Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Software includes the following vulnerabilities:
• Cisco TelePresence VCS and Cisco Expressway Crafted Packets Denial of Service Vulnerability
• Cisco TelePresence VCS and Cisco Expressway SIP IX Filter Denial of Service Vulnerability
• Cisco TelePresence VCS and Cisco Expressway SIP Denial of Service Vulnerability
Succesfull exploitation of any of these vulnerabilities could allow an unauthenticated, remote attacker to cause a reload of the affected system, which may result in a Denial of Service (DoS) condition.
Cisco has released free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are not available. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141015-vcs
Note: This security advisory does not provide information about the GNU Bash Environment Variable Command Injection Vulnerability (also known as Shellshock). For additional information regarding Cisco products affected by this vulnerability, refer to the Cisco Security Advisory at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140926-bash
'취약점 정보1' 카테고리의 다른 글
| Centreon contains multiple vulnerabilities (0) | 2014.10.18 |
|---|---|
| Advisory: Oracle Forms 10g Unauthenticated Remote Code Execution (CVE-2014-4278) (0) | 2014.10.16 |
| POODLE: Turning off SSLv3 for various servers and client. (0) | 2014.10.16 |
| SSLv3 POODLE Vulnerability Official Release (0) | 2014.10.16 |
| Cisco ASA 소프트웨어 다중 취약점 보안 업데이트 권고 (0) | 2014.10.10 |