Cisco warns of a serious security error CallManager

Cisco Systems has released two warning messages about some relatively dangerous security vulnerabilities that arise in the Unified Communications Manager application.

The content of the first alert message indicates that Unified Communications Manager - commonly known as CallManager - has two buffer overflow security errors. The first error lies in Certified Trust List (CTL) service and the remaining error belongs to Real-Time Information Server (RIS).

Hackers can remotely attack security flaws that claim to enforce binary code, malicious code or a denial of service attack on the device.

Unified Communications Manager (CUCM) is a component of Cisco's IP-based voice solution.

The second bulletin warns of two other security vulnerabilities that could allow hackers to gain administrator-level control to enable or disable CUCM and CUPS (Common Unix Printing System) services, access to SNMP (Simple Network Management Protocol) configuration information.

' The possible consequence is that denial-of-service attacks target CUCM / CUPS service cluster systems or loss of SNMP configuration data ,' Cisco said. ' Hackers can completely use the information they eat to get access to related networks '.

Meanwhile, denial of service attacks can completely disable the network's voice service system. Hackers can disable the central CUCM service, which makes the CUCM service cluster system also disabled.

Security experts recommend network administrators to be really careful and should quickly install necessary patches.

Hoang Dung