Security Advisory
  • Cisco Unified Presence Can Be Affected By TCP Flooding Attacks Reported Date: 18-10-09
Rated Level: Critical
Impact: Dos,Remotely Exploitable
Affected Software: 1.x, 6.x prior to 6.0(6), 7.x prior to 7.0(4)
Description: Two vulnerabilities were reported in Cisco Unified Presence. A remote user can cause denial of service conditions.

A remote user can flood TCP ports 16200 or 22794 with completed connections to cause the target TimesTenD process to crash and restart . Cisco has assigned Cisco Bug ID CSCsy17662 to this vulnerability.

A remote user can establish many TCP connections to the target system to cause the internal connection tracking table to prevent new connections . Cisco has assigned Cisco Bug ID CSCsw52371 to this vulnerability.


Note: Cisco Systems Product Security Incident Response Team [email protected]>
Solution: The vendor has issued a fix for 6.0(6), 7.0(4).
http://www.cisco.com/warp/public/707/cisco-sa-20091014-cup.shtml
Original Advisory: http://www.cisco.com/warp/public/707/cisco-sa-20091014-cup.shtml
References: http://securitytracker.com/id?1023018
Feedback: If you have additional information or corrections for this security advisory please contact us at advisory(at)triviasecurity.org

Security Advisories by Month (2013)
TS Promotion
Software Security Tools
Latest Exploit Codes
TS Information
About Trivia Security
Frequently Asked Questions
TS Announcements
Terms of service
Site Map
Search
Security
Phishing Scams
Advisories
Exploits
News & Headlines
xss playground
Web Proxy
Proxy List
War Games
TS Encryption
InfoSec Library
Latest Library Articles
Video Library
Top Articles
Browse Library
Soft-Tools
Latest Tools
Top Downloads
Browse Tools Archive
Forums
Login
Register
Search
Latest Topics
Links
Affiliates
TS Top Sites
Recomended Sites