ID de Prueba:	1.3.6.1.4.1.25623.1.0.106544
Categoría:	CISCO
Título:	Cisco TelePresence VCS Denial of Service Vulnerability (cisco-sa-20170125-expressway)
Resumen:	A vulnerability in the received packet parser of Cisco; TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote; attacker to cause a reload of the affected system, resulting in a denial of service (DoS); condition.
Descripción:	Summary: A vulnerability in the received packet parser of Cisco TelePresence Video Communication Server (VCS) software could allow an unauthenticated, remote attacker to cause a reload of the affected system, resulting in a denial of service (DoS) condition. Vulnerability Insight: The vulnerability is due to insufficient size validation of user-supplied data. An attacker could exploit this vulnerability by sending crafted H.224 data in Real-Time Transport Protocol (RTP) packets in an H.323 call. Vulnerability Impact: An exploit could allow the attacker to overflow a buffer in a cache that belongs to the received packet parser, which will result in a crash of the application, resulting in a DoS condition. Solution: Update to version X8.8.2 or later. CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2017-3790 BugTraq ID: 95786 http://www.securityfocus.com/bid/95786 http://www.securitytracker.com/id/1037697
Copyright	Copyright (C) 2017 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.