Products & Services Security Advisories - Cisco Systemsより3件のセキュリティアドバイザリが出ているそうです。
Cisco Call Mangerに複数のDoSを受ける脆弱性だそうです。Cisco内部で発見したとの事。
Cisco Unified Communications Manager, formerly Cisco CallManager, contains multiple denial of service (DoS) vulnerabilities that may cause an interruption in voice services, if exploited. These vulnerabilities were discovered internally by Cisco. The following Cisco Unified Communications Manager services are affected:
Cisco Unified PresenceにDoSをうける脆弱性が存在するそうです。これもCisco内部で発見したとの事。
Cisco Unified Presence contains three denial of service (DoS) vulnerabilities that may cause an interruption in presence services. These vulnerabilities were discovered internally by Cisco, and there are no workarounds.
Cisco has released free software updates that address these vulnerabilities.
Cisco Content Switching Moduleにメモリーリークの脆弱性が存在し、最終的にはDoSをうけるそうです。
TCPセグメントと指定されたTCPフラグで負荷が高くなりTCP接続を接続できなくなるそうです。
The Cisco Content Switching Module (CSM) and Cisco Content Switching Module with SSL (CSM-S) contain a memory leak vulnerability that can result in a denial of service condition. The vulnerability exists when the CSM or CSM-S is configured for layer 7 load balancing. An attacker can trigger this vulnerability when the CSM or CSM-S processes TCP segments with a specific combination of TCP flags while servers behind the CSM/CSM-S are overloaded and/or fail to accept a TCP connection.
Cisco has released free software updates that address this vulnerability.
