Vulnerability Bulletins |
Denegación de servicio en Cisco Application Control Engine Global Site Selector |
|
Vulnerability classification |
|
Property | Value |
Confidence level | Oficial |
Impact | Denegación de Servicio |
Dificulty | Experto |
Required attacker level | Acceso remoto sin cuenta a un servicio estandar |
System information |
|
Property | Value |
Affected manufacturer | Networking |
Affected software |
Cisco GSS 4480 Global Site Selector Cisco GSS 4490 Global Site Selector Cisco GSS 4491 Global Site Selector Cisco GSS 4492R Global Site Selector |
Description |
|
Se ha descubierto una vulnerabilidad en Cisco Application Control Engine Global Site Selector (GSS). La vulnerabilidad reside en un error en el procesamiento de consultas DNS. Un atacante remoto podría causar una denegación de servicio mediante una consulta DNS especialmente diseñada. |
|
Solution |
|
Actualización de software Cisco Cisco Unified Communications Manager 4.2(3)SR4 / patch 3.0(2) Cisco Unified Communications Manager 4.3(2)SR1 / patch 3.0(2) Cisco Unified Communications Manager 5.1(3c) / patch 3.0(2) Cisco Unified Communications Manager 6.1(2) / patch 3.0(2) http://tools.cisco.com/support/downloads/ |
|
Standar resources |
|
Property | Value |
CVE | CVE-2008-3819 |
BID | 33152 |
Other resources |
|
Cisco Security Advisory (cisco-sa-20090107-gss) http://www.cisco.com/warp/public/707/cisco-sa-20090107-gss.shtml |
Version history |
||
Version | Comments | Date |
1.0 | Aviso emitido | 2009-01-12 |