Wednesday, January 23, 2008

ABS Response to Cisco Security Advisory: Cisco Unified Communications Manager CTL Provider Heap Overflow


ABS would like to make our customers aware of a vulnerability in the CTL (Certificate Trust List) Provider service on CUCM/CCM servers that can be exploited via a DoS attack. That service is usually only used when some form of security/encryption beyond the standard features is deployed on the CCM servers.


This is a vulnerability that Cisco Unified Communications customers need to know about; they should be aware that it allows a Denial of Service (DoS) attack. Customers should also be aware that, depending on the deployment, the CTL Provider may not be a service they need to have enabled.


For a service fee of $150.00, ABS will provide an engineer to remotely connect to the CCM cluster, confirm whether or not the CTL Provider service is running, and then disable the service (if it is not required) in line with the workarounds Cisco provides. While doing this, the ABS engineer will also confirm the current OS and CCM version and patch levels, and verify when the last successful backup of the server was run.



Please contact your ABS Account Manager, or Julia Gardner at sales@absnt.com for more information.


Cisco Unified Communications Manager CTL Provider Heap Overflow Summary:

Cisco Unified Communications Manager (CUCM), formerly CallManager, contains a heap overflow vulnerability in the Certificate Trust List (CTL) Provider service that could allow a remote, unauthenticated user to cause a denial of service (DoS) condition or execute arbitrary code. There is a workaround for this vulnerability.

Cisco has made free software available to address these vulnerabilities for affected customers.

Common Vulnerabilities and Exposures (CVE) identifier CVE-2008-0027 has been assigned to this vulnerability.

This advisory is posted at http://www.cisco.com/warp/public/707/cisco-sa-20080116-cucmctl.shtml
