CERT mailing list archives

Current Activity - Cisco Releases Multiple Security Advisories

From: Current Activity <us-cert () us-cert gov>
Date: Thu, 4 Mar 2010 18:06:49 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

US-CERT Current Activity

Cisco Releases Multiple Security Advisories

Original release date: March 4, 2010 at 6:00 pm
Last revised: March 4, 2010 at 6:00 pm


Cisco has released three security advisories to address
vulnerabilities.

Security advisory cisco-sa-20100303-cucm, addresses multiple
vulnerabilities in the Cisco Unified Communications Manager which
affect the Session Initiation Protocol (SIP), Skinny Client Control
Protocol (SCCP), and the Computer Telephony Integration (CTI) Manager
services. Successful exploitation of these vulnerabilities could
result in a denial-of-service condition and an interruption of voice
services.

Security advisory cisco-sa-20100303-dmm, addresses multiple
vulnerabilities in the Cicso Digital Media Manager (DMM).  Successful
exploitation of these vulnerabilities could allow for information
disclosure, unauthorized settings or system configuration changes, and
disclosure of default credentials.  There are no workarounds for
mitigation, and US-CERT will alert users and administrators as updates
are made available.

Security advisory cisco-sa-20100303-dmp, addresses a vulnerability
that exists in the Cisco Digital Media Player. Successful exploitation
of this vulnerability may allow and attacker to inject video or data
content into a remote display.

US-CERT encourages users and administrators to review security
advisory cisco-sa-20100303-cucm and cisco-sa-20100303-dmp and apply
any necessary updates or workarounds to mitigate the risks.

Relevant Url(s):
<http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b925.shtml>

<http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b923.shtml>

<http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml>

<http://www.cisco.com/en/US/products/products_security_advisory09186a0080%20b1b925.shtml>

====
This entry is available at
http://www.us-cert.gov/current/index.html#cicso_releases_multiple_security_advisories

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iQEVAwUBS5A88i/E9ke+6HGsAQKloAgAojxxpICT0a9hFZbKcGHSv4SGnDj1CNbS
Sf9tClcJTJcF6DSiSbVW5s2Q9gUPCCxbTa2Dhfey1TG5I6NP/4jNymKIbtn0unnB
1syTdB1TDmmZHlVZSG/04XcB32Po/hKqwGVZ1KyIxX6b6zgx6Go3sWUIQXQ4ZubH
wtTIlHl1cz2NO/hYLyQ5JovEmoyWC/s3+xFdG75ZBeoCzH/QbE1de/OjZp0LU9cY
v3vigLXVLr7rBavIz4nvXW1e0J0QGWkqKSLFYBP47x1+zI2DGLI6QmKwSlGTDQmQ
wPeGuLPmZdTn4x1DQay8Zp6u6M7NpTJajvoTymvs5O7MDWVwfFR+qA==
=WZCb
-----END PGP SIGNATURE-----

Current thread:

Current Activity - Cisco Releases Multiple Security Advisories Current Activity (Feb 17)
- <Possible follow-ups>
- Current Activity - Cisco Releases Multiple Security Advisories Current Activity (Mar 04)