[SA10696] Cisco Voice Products Director Agent Insecure Default Installation
From: Secunia Security Advisories (sec-adv secunia.com)
Date: Thu Jan 22 2004 - 06:38:01 CST
TITLE:
Cisco Voice Products Director Agent Insecure Default Installation
SECUNIA ADVISORY ID:
SA10696
VERIFY ADVISORY:
http://www.secunia.com/advisories/10696/
CRITICAL:
Moderately critical
IMPACT:
DoS, System access
WHERE:
From local network
SOFTWARE:
Cisco CallManager 3.x
Cisco Conference Connection (CCC) 1.x
Cisco Emergency Responder (CER) 1.x
Cisco Internet Service Node (ISN) 2.x
Cisco IP Call Center Express (IPCC Express)
Cisco IP Interactive Voice Response (IP IVR)
Cisco Personal Assistant Version 1.3x
Cisco Personal Assistant Version 1.4x
DESCRIPTION:
Cisco has reported a vulnerability in multiple voice products on the
IBM platform, which can be exploited by malicious people to cause a
DoS (Denial of Service) or compromise a vulnerable system.

Voice products running on IBM servers install the Director Agent
insecurely by leaving the service on port 14247 (both TCP and UDP)
accessible without requiring user authentication. This can be
exploited to gain administrative control of a server.

It is also possible to make the IBM Director Agent process
"twgipc.exe" consume 100% CPU resources by scanning it with a network
scanner.

The vulnerability affects voice products installed on the following
IBM-based servers running an OS prior to OS 2000.2.6:
* IBM X330 (8654 or 8674)
* IBM X340
* IBM X342
* IBM X345
* MCS-7815-1000
* MCS-7815I-2.0
* MCS-7835I-2.4
* MCS-7835I-3.0
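
Added example (not part of the Secunia or Cisco advisory): since the advisory notes that a network scan can drive "twgipc.exe" to 100% CPU, this Python code checks exposure without probing the agent, by parsing saved `netstat -an` output from a server and reporting bindings and connected peers on port 14247. The sample output, the addresses in it and the function name are constructed for illustration.

```python
import re

DIRECTOR_PORT = 14247  # port named in the advisory (TCP and UDP)

# Constructed sample of `netstat -an` output; addresses are made up.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:14247          0.0.0.0:0              LISTENING
  TCP    10.1.1.20:14247        10.1.9.77:3321         ESTABLISHED
  TCP    127.0.0.1:1424         0.0.0.0:0              LISTENING
  UDP    0.0.0.0:14247          *:*
  UDP    10.1.1.20:137          *:*
"""

# proto, local address, local port, foreign address, optional state (absent for UDP)
ROW = re.compile(r"^\s*(TCP|UDP)\s+(\S+):(\d+)\s+(\S+)(?:\s+(\S+))?\s*$")


def audit_director_agent(netstat_text, port=DIRECTOR_PORT):
    """Summarise sockets on the Director Agent port (hypothetical helper).

    listeners: (proto, local_ip) for TCP LISTENING rows and bound UDP rows.
    peers:     remote endpoints of established TCP sessions to the port.
    exposed:   True if any listener is bound to a non-loopback address.
    """
    listeners, peers = [], []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m or int(m.group(3)) != port:
            continue  # header, blank line, or a different local port
        proto, local_ip, _, foreign, state = m.groups()
        if proto == "UDP" or state == "LISTENING":
            listeners.append((proto, local_ip))
        elif state == "ESTABLISHED":
            peers.append(foreign)
    loopback = lambda ip: ip.startswith("127.") or ip == "[::1]"
    exposed = any(not loopback(ip) for _, ip in listeners)
    return {"listeners": listeners, "peers": peers, "exposed": exposed}


if __name__ == "__main__":
    report = audit_director_agent(SAMPLE_NETSTAT)
    for proto, ip in report["listeners"]:
        print(f"{proto} {ip}:{DIRECTOR_PORT} open")
    print("peers:", report["peers"], "exposed:", report["exposed"])
```

Any peer listed for port 14247 that is not a known management station is worth reviewing, since the service accepts connections without authentication.
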
SOLUTION:
Cisco has published a repair script, which is available at:
http://www.cisco.com/pcgi-bin/tablebuild.pl/cmva-3des
PROVIDED AND/OR DISCOVERED BY:
Reported by vendor.
ORIGINAL ADVISORY:
http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keep their systems up to date against the latest
vulnerabilities.
Subscribe:
http://www.secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://www.secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------