In association with heise online

27 June 2008, 10:26

Cisco fixes holes in Communication Manager

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Cisco has released an update to fix flaws in its Unified Communication Manager (CUCM), formerly called Unified CallManager. CUCM is a central component for managing call signalling and voice, data, and video services on Cisco's Unified Communication Platform. According to the company's security advisory, attackers could bypass authentication for access to the data collector service on TCP port 2556. They could then terminate voice over IP connections or gather management and status information on connected devices.

The update also fixes a problem not described in detail – it seems that manipulated data packets sent to TCP port 2748 could cause Computer Telephony Integration services to crash. CUCM versions 4.x, 5.x and 6.x are affected.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit