Cisco Security Advisory: Voice Product Vulnerabilities on IBM Servers
The default installation of Cisco voice products on the IBM platform will install the Director Agent in an unsecure state, leaving the Director services vulnerable to remote administration control and/or Denial of Service attacks. The vulnerabilities can be mitigated by configuration changes and Cisco is providing a repair script that will close the vulnerable ports and put the Director agent in secure state without requiring an upgrade.
Cisco voice products running on IBM servers installed with the default configurations are affected if they leave TCP or UDP port 14247 open. To verify this vulnerability, the administrator may open a command window on the server and type netstat −a. If port 14247 is listed, the server is vulnerable to remote administrative control and Denial of Service attacks.
Affected Cisco voice products:
• Cisco CallManager
• Cisco IP Interactive Voice Response (IP IVR)
• Cisco IP Call Center Express (IPCC Express)
• Cisco Personal Assistant (PA)
• Cisco Emergency Responder (CER)
• Cisco Conference Connection (CCC)
• Cisco Internet Service Node (ISN) running on an IBM with an affected OS version.
Get pdf Cisco Security Advisory: Voice Product Vulnerabilities on IBM Servers
