Impact: Dos,Remotely Exploitable
Affected Software: 1.x, 6.x prior to 6.0(6), 7.x prior to 7.0(4)
Description: Two vulnerabilities were reported in Cisco Unified Presence. A remote user can cause denial of service conditions.
A remote user can flood TCP ports 16200 or 22794 with completed connections to cause the target TimesTenD process to crash and restart . Cisco has assigned Cisco Bug ID CSCsy17662 to this vulnerability.
A remote user can establish many TCP connections to the target system to cause the internal connection tracking table to prevent new connections . Cisco has assigned Cisco Bug ID CSCsw52371 to this vulnerability.
Note: Cisco Systems Product Security Incident Response Team
The vendor has issued a fix for 6.0(6), 7.0(4).
Feedback: If you have additional information or corrections for this security advisory please contact us at advisory(at)triviasecurity.org