漏洞信息详情
Cisco iOS和Unified Communications Manager远程拒绝服务漏洞
- CNNVD编号:CNNVD-201109-641
- 危害等级: 超危
- CVE编号: CVE-2011-2072
- 漏洞类型: 资源管理错误
- 发布时间: 1900-01-01
- 威胁类型: 远程
- 更新时间: 2011-10-09
- 厂 商: cisco
- 漏洞来源: Cisco
漏洞简介
Cisco的网际操作系统(iOS)是一个网际互连优化的复杂操作系统。数据流交互功能DLSw可以实现在IP网络上传输IBM SNA和网络BiOS流量。Cisco Unified Communications Manager是Cisco IP Telephony的呼叫处理组件。
Cisco Unified Communications Manager在处理畸形SIP消息时在实现上存在内存泄露漏洞,远程攻击者可利用这些漏洞造成声音服务中断或造成受影响设备重载,拒绝服务合法用户。
此漏洞源于在处理畸形SIP消息时,Cisco Unified Communications Manager可泄露会话控制缓冲区。
漏洞公告
目前厂商已经发布了升级补丁以修复此安全问题,补丁获取链接:
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d5a.sHTML
参考网址
来源: CISCO
名称: 20110928 Cisco iOS Software Session Initiation Protocol Denial of Service Vulnerabilities
链接:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d5a.sHTML
来源: CISCO
名称: 20110928 Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerability
链接:http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d58.sHTML
来源: tools.cisco.com
链接:http://tools.cisco.com/security/center/viewAlert.x?alertId=24129
来源:SECUNIA
名称:46197
链接:http://secunia.com/advisories/46197
来源:SECUNIA
名称:46226
链接:http://secunia.com/advisories/46226
来源:SECUNIA
名称:46230
链接:http://secunia.com/advisories/46230
来源:SECUNIA
名称:46234
链接:http://secunia.com/advisories/46234 来源:NSFOCUS 名称:17842 链接:http://www.nsfocus.net/vulndb/17842
受影响实体
- Cisco Unified_communications_manager:8.6
- Cisco Unified_communications_manager:8.5%281%29su1
- Cisco Unified_communications_manager:8.5%281%29
- Cisco Unified_communications_manager:8.0%282b%29
- Cisco Unified_communications_manager:8.0%282a%29
补丁
暂无
评论