All the latest UK technology news, reviews and analysis
|
|
|
28 Aug 2009
Cisco has issued a security alert about two vulnerabilities in its Unified Communications Manager (UCM) software.
The flaws could allow an attacker to create a denial-of-service attack on the tool, which is used to manage enterprise telephony and communication services. Such an attack could bring down voice services and require the system to be restarted.
An attacker could conduct the exploit by flooding a certain port on the UCM with TCP information packets, causing the system to reject new connection requests and render telephony systems useless.
Cisco said that the flaw affects UCM editions 4, 5, 6 and 7. The Express edition is not believed to be vulnerable.
The company has released patches for the 6.x and 7.x versions, and a fix for versions 5.x is scheduled for early September. Administrators are advised to install the updates immediately.
The risk of attack can also be mitigated by filtering access to the vulnerable TCP 2000 and 2443 ports and the UDP 5060 and 5061 ports.
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
My client, a leading telecoms firm listed in the Sunday...
ASP.NET C#, .Net 3.5, .Net 4.0 MVC developer to join...
Linux Systems Administrator - £45k - London A Linux...
Unix systems administrator required to work for leading...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?