The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

computer vulnerability alert CVE-2011-2560 CVE-2011-2561 CVE-2011-2562

Cisco Unified Communications Manager: five denial of service

Synthesis of the vulnerability

A remote attacker can use five vulnerabilities of Cisco Unified Communications Manager, in order to create a denial of service.
Severity of this weakness: 3/4.
Number of vulnerabilities in this bulletin: 5.
Creation date: 25/08/2011.
Références of this bulletin: 113127, 113136, 113199, BID-49300, BID-49302, CERTA-2011-AVI-477, CERTA-2011-AVI-478, cisco-amb-20110824-cucm-ime, cisco-sa-20110824-cucm, cisco-sa-20110824-ime, CSCtc61990, CSCtf97162, CSCth19417, CSCth26669, CSCth43256, CVE-2011-2560, CVE-2011-2561, CVE-2011-2562, CVE-2011-2563, CVE-2011-2564, VIGILANCE-VUL-10950.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

Five vulnerabilities were announced in Cisco Unified Communications Manager.

The Packet Capture Service of Cisco Unified Communications Manager version 4 does not close idle connections. An attacker can therefore open several TCP sessions, in order to create a denial of service. [severity:3/4; CERTA-2011-AVI-478, CSCtf97162, CVE-2011-2560]

When the MTP (Media Termination Point) of Cisco Unified Communications Manager version 7 is configured with the codec g729ar8, an attacker can send a SIP packet with SDP (Session Description Protocol) data using this codec, in order to stop the service. [severity:3/4; CSCtc61990, CVE-2011-2561]

An attacker can send a malicious SIP packet, in order to stop the service. [severity:3/4; CSCth43256, CVE-2011-2562]

An attacker can send malicious SAF (Service Advertisement Framework) packets, in order to reload the service of Cisco Unified Communications Manager version 8 and Cisco Intercompany Media Engine. [severity:2/4; 113136, BID-49300, CERTA-2011-AVI-477, cisco-sa-20110824-ime, CSCth26669, CVE-2011-2563]

An attacker can send malicious SAF (Service Advertisement Framework) packets, in order to reload the service of Cisco Unified Communications Manager version 8 and Cisco Intercompany Media Engine. [severity:2/4; 113136, BID-49300, cisco-sa-20110824-ime, CSCth19417, CVE-2011-2564]
Full Vigil@nce bulletin... (Free trial)

This computer threat alert impacts software or systems such as Cisco CallManager, Cisco CUCM.

Our Vigil@nce team determined that the severity of this weakness announce is important.

The trust level is of type confirmed by the editor, with an origin of internet client.

This bulletin is about 5 vulnerabilities.

An attacker with a expert ability can exploit this computer weakness bulletin.

Solutions for this threat

Cisco Unified Communications Manager: corrected versions.
The following versions are corrected:
 - 6.1(5)SU3
 - 7.1(5b)SU4
 - 8.0(3a)SU2
 - 8.5(1)SU2
 - 8.6(1)
Full Vigil@nce bulletin... (Free trial)

Computer vulnerabilities tracking service

Vigil@nce provides computers vulnerabilities analysis. The technology watch team tracks security threats targeting the computer system. Each administrator can customize the list of products for which he wants to receive vulnerability alerts. The Vigil@nce vulnerability database contains several thousand vulnerabilities.