Cisco warns of Unified Communications Manager flaw

Cisco has made available a free software fix for affected customers

Linda Leung (Network World)
18 January, 2008 07:24
Comments

Cisco Wednesday released its first new security alert of the year: a warning that its Cisco Unified Communications Manager - formerly CallManager - contains a heap overflow vulnerability in the Certificate Trust List that could allow a hacker to cause a denial-of-service attack or execute arbitrary code.

Cisco has made available a free software fix for affected customers, and a workaround is available in its security advisory.

The products that are vulnerable are:

-- Cisco Unified CallManager 4.0

-- Cisco Unified CallManager 4.1 Versions prior to 4.1(3)SR5c

-- Cisco Unified Communications Manager 4.2 Versions prior to 4.2(3) SR3

-- Cisco Unified Communications Manager 4.3 Versions prior to 4.3(1) SR1

Cisco says it is not aware of any public announcements or malicious use of the vulnerability, which was reported to Cisco from TippingPoint.

More about: Cisco, TippingPoint, TippingPoint

Comments

Post new comment

Recent Discussions

ARN Directory | Distributors relevant to this article

Jobs

Application Support Analyst - Equities20/03/2010
Other
I.T. & T
Application Support Analyst - Equities
HEALTHCARE SECTOR - SENIOR BUSINESS DEVELOPMENT MANAGER19/03/2010
Other
I.T. & T
HEALTHCARE SECTOR - SENIOR BUSINESS DEVELOPMENT MANAGER
Business Development Managers (M5)19/03/2010
Other
I.T. & T
Business Development Managers (M5)
ECM Senior Pre Sales Consultant Solution Architect19/03/2010
Other
I.T. & T
ECM Senior Pre Sales Consultant Solution Architect
ECM Senior Pre Sales Consultant Solution Architect19/03/2010
Other
I.T. & T
ECM Senior Pre Sales Consultant Solution Architect
MAJOR BUSINESS DEVELOPMENT - NSW STATE GOVERNMENT VERTICAL18/03/2010
Other
I.T. & T
MAJOR BUSINESS DEVELOPMENT - NSW STATE GOVERNMENT VERTICAL
Recruitment Consultant17/03/2010
Other
I.T. & T
Recruitment Consultant

ARN Distributor Directory

Find distributors by name
Find distributors by vendor
Find distributors by location

ARN Vendor Directory

Find vendors by name | Find by category

ARN Community Comments

"I agree completely with Sydney Lawrence.It's all blackmail, no other company in Australia has endured so much bad pu ..."
on Greens slam Government NBN study silence
by robert B | 19 March, 2010 16:56
"Look at what the free market did to America.. ..."
on New copper lines all but banned under Government legislation
by DD | 19 March, 2010 15:15
"Finally, Senator Conroy does something intelligent with his portfolio. Replacing copper cable with fibre is expensive an ..."
on New copper lines all but banned under Government legislation
by Samuel | 19 March, 2010 15:10
"As mentioned in various comments, one should not over look the tyranical leader of the party K Rudd. He is the one pulli ..."
on EFA brands Conroy’s attacks ‘cowardly’
by Bruce the Aussi | 19 March, 2010 14:10
"There will definitely be a lot of growth and opportunity - and the person you send your resume to is me! Sean WithfordT ..."
on US-based Staples to acquire Corporate Express
by Sean Withford | 19 March, 2010 14:08

Array

ARN Library

Read Material

Microsoft Anti-Piracy Infringement Alert

The Microsoft Anti-Piracy Newsletter outlines what Microsoft is doing to protect your business from Software Piracy and highlights recent legal action taken against those who infringe our copyright.