Информационная безопасность
[RU] switch to English


Многочисленные уязвимости безопасности в продуктах Cisco TelePresence
Опубликовано:16 июля 2012 г.
Источник:
SecurityVulns ID:12472
Тип:удаленная
Уровень опасности:
7/10
Описание:DoS, внедрение команд, выполнение кода.
Затронутые продукты:CISCO : TelePresence Recording Server before 1.8
 CISCO : TelePresence Immersive Endpoint Device 1.7
 CISCO : TelePresence Multipoint Switch 1.8
 CISCO : TelePresence Multipoint Switch 1.9
 CISCO : Cisco TelePresence Manager 1.8
 CISCO : TelePresence Immersive Endpoint Device 1.8
 CISCO : TelePresence Immersive Endpoint Device 1.9
CVE:CVE-2012-3076 (The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows remote authenticated users to execute arbitrary commands via unspecified vectors, aka Bug ID CSCth85804.)
 CVE-2012-3075 (The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4 allows remote authenticated users to execute arbitrary commands via a malformed request on TCP port 443, aka Bug ID CSCtn99724.)
 CVE-2012-3074 (An unspecified API on Cisco TelePresence Immersive Endpoint Devices before 1.9.1 allows remote attackers to execute arbitrary commands by leveraging certain adjacency and sending a malformed request on TCP port 61460, aka Bug ID CSCtz38382.)
 CVE-2012-3073 (The IP implementation on Cisco TelePresence Multipoint Switch before 1.8.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server 1.8 and earlier allows remote attackers to cause a denial of service (networking outage or process crash) via (1) malformed IP packets, (2) a high rate of TCP connection requests, or (3) a high rate of TCP connection terminations, aka Bug IDs CSCti21830, CSCti21851, CSCtj19100, CSCtj19086, CSCtj19078, CSCty11219, CSCty11299, CSCty11323, and CSCty11338.)
 CVE-2012-2486 (The Cisco Discovery Protocol (CDP) implementation on Cisco TelePresence Multipoint Switch before 1.9.0, Cisco TelePresence Immersive Endpoint Devices before 1.9.1, Cisco TelePresence Manager before 1.9.0, and Cisco TelePresence Recording Server before 1.8.1 allows remote attackers to execute arbitrary code by leveraging certain adjacency and sending a malformed CDP packet, aka Bug IDs CSCtz40953, CSCtz40947, CSCtz40965, and CSCtz40953.)
Файлы:Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Recording Serve
 Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices
 Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch
 Cisco Security Advisory Multiple Vulnerabilities in Cisco TelePresence Manager

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород