CVE-2011-0390

Description

The XML-RPC implementation on Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, 1.6.x, and 1.7.0 allows remote attackers to cause a denial of service (process crash) via a crafted request, aka Bug ID CSCtj44534.

Affected products

• Cisco / telepresence_multipoint_switch
• Cisco / telepresence_multipoint_switch_software1.1.0 – 1.1.0
• Cisco / telepresence_multipoint_switch_software1.1.1 – 1.1.1
• Cisco / telepresence_multipoint_switch_software1.1.2 – 1.1.2
• Cisco / telepresence_multipoint_switch_software1.5.0 – 1.5.0
• Cisco / telepresence_multipoint_switch_software1.5.1 – 1.5.1
• Cisco / telepresence_multipoint_switch_software1.5.2 – 1.5.2
• Cisco / telepresence_multipoint_switch_software1.5.3 – 1.5.3
• Cisco / telepresence_multipoint_switch_software1.5.4 – 1.5.4
• Cisco / telepresence_multipoint_switch_software1.0.4.0 – 1.0.4.0
• Cisco / telepresence_multipoint_switch_software1.5.6 – 1.5.6
• Cisco / telepresence_multipoint_switch_software1.6.0 – 1.6.0
• Cisco / telepresence_multipoint_switch_software1.6.1 – 1.6.1
• Cisco / telepresence_multipoint_switch_software1.6.2 – 1.6.2
• Cisco / telepresence_multipoint_switch_software1.6.3 – 1.6.3
• Cisco / telepresence_multipoint_switch_software1.6.4 – 1.6.4
• Cisco / telepresence_multipoint_switch_software1.7.0 – 1.7.0
• Cisco / telepresence_multipoint_switch_software1.5.5 – 1.5.5

References

• MISChttp://www.securityfocus.com/bid/46520
• VENDOR_ADVISORYhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/65623
• MISChttp://www.securitytracker.com/id?1025113