This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.
The remote device is missing a vendor-supplied security patch.
Devices running Cisco IOS Software and configured for Cisco Unified
Communications Manager Express (CME) or Cisco Unified Survivable
Remote Site Telephony (SRST) operation are affected by two denial of
service vulnerabilities that may result in a device reload if
successfully exploited. The vulnerabilities are triggered when the
Cisco IOS device processes specific, malformed Skinny Call Control
Protocol (SCCP) messages. Cisco has released free software updates
that address these vulnerabilities.
See also :
Apply the relevant patch referenced in Cisco Security Advisory
Risk factor :
High / CVSS Base Score : 7.8
Nessus Plugin ID: 49049 (cisco-sa-20100324-cucmehttp.nasl)
CVE ID: CVE-2010-0585CVE-2010-0586
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.