September 25, 2009, 7:22 AM — Cisco on Wednesday released an update to patch a vulnerability found in the SIP service of its Unified Communications Manager.
If exploited, the vulnerability could allow a Denial of Service (DoS) attack to interrupt voice services, according to a Cisco security advisory. Cisco’s Unified Communications Manager, formerly called Cisco Unified CallManager, is an IP telephony call-processing system designed to replace PBXes.
The company on Wednesday also released ten other security updates for vulnerabilities that affect its IOS software. If exploited, these vulnerabilities could result in a breach in confidentiality or DoS attack, the company says.
These updates aim to fix vulnerabilities in Cisco’s network infrastructure software including an object-group access control list bypass and potential exploits to its software authentication proxy; Manager Express; H.323and crafted encryption packet services; zone-based policy firewall; network time protocol packet; and software tunnels, according to the advisory.
Cisco released patches for IOS as recently as late July, addressing two vulnerabilities that could allow hackers to launch a DoS attack when dealing with certain Border Gateway Protocol (BGP) updates.
Do you tweet? Follow me on Twitter here.