- Nokia's new N97 vs. the iPhone
- Talk-powered cell phones?
- FBI: Copper thieves jeopardize U.S. infrastructure
- 10 Microsoft research projects
- Smartphone smackdown: Storm vs. iPhone
Cisco Wednesday released its first new security alert of the year: a warning that its Cisco Unified Communications Manager - formerly CallManager - contains a heap overflow vulnerability in the Certificate Trust List that could allow a hacker to cause a denial-of-service attack or execute arbitrary code.
Cisco has made available a free software fix for affected customers, and a workaround is available in its security advisory.
The products that are vulnerable are:
* Cisco Unified CallManager 4.0
* Cisco Unified CallManager 4.1 Versions prior to 4.1(3)SR5c
* Cisco Unified Communications Manager 4.2 Versions prior to 4.2(3) SR3
* Cisco Unified Communications Manager 4.3 Versions prior to 4.3(1) SR1
Cisco says it is not aware of any public announcements or malicious use of the vulnerability, which was reported to Cisco from TippingPoint.(Learn more about IP PBX products from our IP PBX Buyer's Guide.)
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (1)
Cisco warns of CallManager heap overflow vulnerabilityBy Cisco Subnet on January 16, 2008, 6:54 pmCisco has released its first new security alert of the year: a warning that its Cisco Unified Communications Manager - formerly CallManager - contains a heap overflow...
Reply | Read entire comment
View all comments