Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Unified Contact Center Express directory traversal
Published:15.06.2010
Source:
SecurityVulns ID:10934
Type:remote
Threat Level:
6/10
Description:Directory traversal in TCP/6295 service, DoS.
Affected:CISCO : Cisco Unified Contact Center Express 8.0
 CISCO : Cisco Unified Contact Center Express 7.0
 CISCO : Cisco Unified Contact Center Express 6.0
 CISCO : Cisco Unified Contact Center Express 5.0
CVE:CVE-2010-1571 (Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), unspecified 6.0 versions, and 5.0 before 5.0(2)SR3 allows remote attackers to read arbitrary files via a crafted bootstrap message to TCP port 6295.)
 CVE-2010-1570 (The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (UCCX) 7.0 before 7.0(1)SR4 and 7.0(2), 6.0 before 6.0(1)SR1, and 5.0 before 5.0(2)SR3 allows remote attackers to cause a denial of service (CTI server and Node Manager failure) via a malformed CTI message.)
Original documentdocumentCISCO, Cisco Security Advisory: Vulnerabilities in Cisco Unified Contact Center Express (15.06.2010)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod