Cisco Internetwork Operating System (IOSĀ®) Software release trains 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME) or Survivable Remote Site Telephony (SRST) may contain a vulnerability in processing certain malformed control protocol messages.
A successful exploitation of this vulnerability may cause a reload of the device and could be exploited repeatedly to produce a Denial of Service (DoS). This advisory is available at
http://www.cisco.com/warp/public/707/cisco...19-itscme.shtml
Cisco has made free software upgrades available to address this vulnerability for all affected customers. There are workarounds available to mitigate the effects of the vulnerability.
More Info is available her at the cisco site:
http://www.cisco.com/warp/public/707/cisco...e.shtml#summary
01-24-2005, 04:46 PM
Posted
It appears you have not yet registered with our community
which limits what you can do & see. It's Free To register, please click here.
Linear Mode
