漏洞类别:General remote services
漏洞等级: 
漏洞信息
A vulnerability in the ICMP ingress packet processing of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an unauthenticated, remote attacker to cause the TelePresence endpoint to reload unexpectedly, resulting in a denial of service condition.
The vulnerability is due to incomplete input validation for the size of a received ICMP packet.
漏洞危害
An attacker could exploit this vulnerability by sending a crafted ICMP packet to the local IP address of the targeted endpoint. A successful exploit could allow the attacker to cause a Denial of Service of the TelePresence endpoint, during which time calls could be dropped. This vulnerability would affect either IPv4 or IPv6 ICMP traffic.
解决方案
Cisco advisory cisco-sa-20170503-ctp provides a fix. Refer to this advisory for upgrades and further information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论