Cisco TANDBERG MXP < 9.0 SNMP Packet Handling DoS

This script is Copyright (C) 2013 Tenable Network Security, Inc.

Synopsis :

An application on the remote host is affected by a denial of service

Description :

The remote host is running TANDBERG MXP Endpoint, an application used
for video conferencing.

According to the version number identified in the telnet banner, the
TANDBERG MXP Endpoint version running on the remote host is less than
F9.0. As such, the install is potentially affected by a remote denial
of service condition as the firmware incorrectly processes Simple
Network Management Protocol (SNMP) packets. A remote, unauthenticated
attacker could exploit this issue by sending a specially crafted SNMP
packet to the affected device causing a denial of service (DoS)

Note that Nessus did not test for this issue, but rather relied on the
application's self-reported version number.

See also :

Solution :

Upgrade to version F9.0 or later.

Risk factor :

High / CVSS Base Score : 7.8
CVSS Temporal Score : 6.4
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 69825 ()

Bugtraq ID: 42827


Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial