[<prev] [next>] [day] [month] [year] [list]
Message-id: <20120711120909.cisco-sa-20120711-ctsman@psirt.cisco.com>
Date: Wed, 11 Jul 2012 12:09:51 -0400
From: Cisco Systems Product Security Incident Response Team <psirt@...co.com>
To: full-disclosure@...ts.grok.org.uk
Cc: psirt@...co.com
Subject: Cisco Security Advisory: Multiple Vulnerabilities
in Cisco TelePresence Manager
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Multiple Vulnerabilities in Cisco TelePresence Manager
Advisory ID: cisco-sa-20120711-ctsman
Revision 1.0
For Public Release 2012 July 11 16:00 UTC (GMT)
+---------------------------------------------------------------------
Summary
=======
Cisco TelePresence Manager contains the following vulnerabilities:
Cisco TelePresence Malformed IP Packets Denial of Service Vulnerability
Cisco TelePresence Cisco Discovery Protocol Remote Code Execution Vulnerability
Exploitation of the Cisco TelePresence Malformed IP Packets Denial of
Service Vulnerability may allow an unauthenticated, remote attacker to
create a denial of service (DoS) condition, causing the product to
become unresponsive to new connection requests and potentially leading
to termination services and processes.
Exploitation of the Cisco TelePresence Cisco Discovery Protocol Remote
Code Execution Vulnerability may allow an unauthenticated, adjacent
attacker to execute arbitrary code with elevated privileges.
Cisco has released free software updates that address these
vulnerabilities. There are no workarounds that mitigate these
vulnerabilities. This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120711-ctsman
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
iF4EAREIAAYFAk/9izgACgkQUddfH3/BbTqUmwD/ZHYuMyBcriiQf7IBPNheFjzy
OySQwMyhLAwkM2ZZAIoA/3E0ipbO8bISXYel/QLCIigHSAuCfrNcXOuW8K6Py9M8
=VLwY
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists