Description
The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.
Affected products
- Cisco / unified_presence_server1.0 – 1.0
- Cisco / unified_presence_server1.0(1) – 1.0(1)
- Cisco / unified_presence_server1.0(2) – 1.0(2)
- Cisco / unified_presence_server1.0(3) – 1.0(3)
- Cisco / unified_presence_server6.0 – 6.0
- Cisco / unified_presence_server6.0(2) – 6.0(2)
- Cisco / unified_presence_server6.0(3) – 6.0(3)
- Cisco / unified_presence_server6.0(4) – 6.0(4)
- Cisco / unified_presence_server6.0(5) – 6.0(5)
- Cisco / unified_presence_server7.0 – 7.0
- Cisco / unified_presence_server7.0(2) – 7.0(2)
- Cisco / unified_presence_server7.0(3) – 7.0(3)
References
- VENDOR_ADVISORYhttp://www.vupen.com/english/advisories/2009/2915
- MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/53772
- MISChttp://www.securityfocus.com/bid/36675
- VENDOR_ADVISORYhttp://secunia.com/advisories/37039
- MISChttp://securitytracker.com/id?1023018
- VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.shtml