All the latest UK technology news, reviews and analysis
|
|
|
28 Aug 2009
Cisco has issued a security alert about two vulnerabilities in its Unified Communications Manager (UCM) software.
The flaws could allow an attacker to create a denial-of-service attack on the tool, which is used to manage enterprise telephony and communication services. Such an attack could bring down voice services and require the system to be restarted.
An attacker could conduct the exploit by flooding a certain port on the UCM with TCP information packets, causing the system to reject new connection requests and render telephony systems useless.
Cisco said that the flaw affects UCM editions 4, 5, 6 and 7. The Express edition is not believed to be vulnerable.
The company has released patches for the 6.x and 7.x versions, and a fix for versions 5.x is scheduled for early September. Administrators are advised to install the updates immediately.
The risk of attack can also be mitigated by filtering access to the vulnerable TCP 2000 and 2443 ports and the UDP 5060 and 5061 ports.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
V3 examines the key strengths and weaknesses of Samsung's latest iPhone killer
Connect with V3.co.uk
Social networking is almost ubiquitous. This white paper examines the benefits and risks and it looks at the different ways companies can reconcile them
The importance of understanding your infrastructure
Java Developer Thomas Cook Online is the business unit...
Contract Systems Administrator, Southampton My...
PHP Web Developer required to join my market-leading...
Java Developer x2, Spring, Hibernate, Swindon, £40K...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?