Vulnerable Products

Cisco Unified Presens version 6.0(1) and 6.0(2)

Official information

http://www.cisco.com/warp/public/707/cisco-sa-20080514-cup.shtml

Impact

Successful exploitation of any of the vulnerabilities may result in the interruption of presence services. There is no workaround for this vulnerability

Risk level

High

Vector

External

Details

The SIP Proxy service of Cisco Unified Presence versions 6.0(1) and 6.0(2) contain a vulnerability that occurs when a TCP port scan is received by a vulnerable Cisco Unified Presence system and may result in a DoS condition.

This vulnerability is documented in CVE-2008-1741 and Cisco Bug ID CSCsj64533 (registered customers only).

Fixed Software

There are no workarounds for these vulnerabilities.

Fixes for all the vulnerabilities listed in this advisory are included in Cisco Unified Presence version 6.0(3) that is available at the following link:

http://www.cisco.com/pcgi-bin/tablebuild.pl/cup-60?psrtdcat20e2 (registered customers only).

Remediation

Redshift Networks UCTM solution provides comprehensive 0-day protection for critical IP- Voice, Video, Unified Communications & Collaborative networks and applications. In this specific case, UCTM protects against TCP port scanning and blacklisted an attacker to have traceability of security events. For more information on RedShift Networks, pls. go to www.redshiftnetworks.com