Cisco warns of a serious security error CallManager
Cisco Systems has released two warning messages about some relatively dangerous security vulnerabilities that arise in the Unified Communications Manager application.
The content of the first alert message indicates that Unified Communications Manager - commonly known as CallManager - has two buffer overflow security errors. The first error lies in Certified Trust List (CTL) service and the remaining error belongs to Real-Time Information Server (RIS).
Hackers can remotely attack security flaws that claim to enforce binary code, malicious code or a denial of service attack on the device.
Unified Communications Manager (CUCM) is a component of Cisco's IP-based voice solution.
The second bulletin warns of two other security vulnerabilities that could allow hackers to gain administrator-level control to enable or disable CUCM and CUPS (Common Unix Printing System) services, access to SNMP (Simple Network Management Protocol) configuration information.
' The possible consequence is that denial-of-service attacks target CUCM / CUPS service cluster systems or loss of SNMP configuration data ,' Cisco said. ' Hackers can completely use the information they eat to get access to related networks '.
Meanwhile, denial of service attacks can completely disable the network's voice service system. Hackers can disable the central CUCM service, which makes the CUCM service cluster system also disabled.
Security experts recommend network administrators to be really careful and should quickly install necessary patches.
Hoang Dung
- 10 worst moments of security industry
- Cisco 3-hole vulnerability in IOS
- Cisco warns 2 serious security errors
- Add a security error in Cisco products
- Cisco and F-Secure have trouble with their own products
- Cisco has to fix product security
- Cisco router error beats the network
- Add 2 security bugs in Windows Mobile
- Cisco VPN devices may be subject to DoS attacks
- Cisco warned a new security vulnerability in ASA and PIX
- 7 Cisco security tips
- Detecting security flaws in Cisco firewall application