—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability

Advisory ID: cisco-sa-20160406-cts

Revision 1.0

For Public Release 2016 April 6 16:00 UTC (GMT)

+—————————————————————————————

Summary
=======

A vulnerability in Cisco TelePresence Server devices running software versions 3.0
through 4.2(4.18) could allow an unauthenticated, remote attacker to cause a kernel
panic on the device.

The vulnerability exists due to a failure to properly handle a specially crafted stream
of IPv6 packets. A successful exploit could allow an attacker to cause a kernel panic,
rebooting the device.

Cisco has released software updates that address this vulnerability. Workarounds that
mitigate this vulnerability are available.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160406-cts

—–BEGIN PGP SIGNATURE—–
Comment: GPGTools – http://gpgtools.org

iQIcBAEBCgAGBQJXBSERAAoJEK89gD3EAJB5644P/An6qNBuF8NJbf3YmheKoOnZ
qdWYOg89Cy/lvHXTiGshZvcahV+T4pwLKVsn40hl3H1Gfp8sOr9b2KIR8MC11jas
tSZ2BZUTALhUGJ7l/3DDY2pPajpRkvMlo6BTOKhewpcKxSb5KtXn0QKsQXO/0ipz
a0XlrwSZAMsyWQ9/KE3TR9LoQGZ0yPEBUJFZCP5WsMosiFGQGMp7WVO7y6G0L9J/
9LM9qZHpbi8m01wIrRigJMj7kX/6eFOdFveAUHwBcrThknd7WiaWiK0EdzvYr3bN
FbrMub1GFIZp04SaW34r+qK/Rm9P1Bku/+T38nxvAESraKG9Dumj47h3krU476UQ
oSxLvacQNnaNBs9kuBFckYLYV7RneQ1u+oZq0LAZaZ6+tWdmC0Y6abrsJk3dupnl
k2bX/F3UH8B5h6L9PJROcofuRtmmhOWRklK/kShlheZt/Vf8Wig/yHawRC5on1Iw
QvKOWY7510U2pj4OhG2YyZgX1dmJ0neDTul6hJ39uSOBUBm7LYYy8efvqRB3S1te
QaodRiaQU8CdbVRDTt5N+5qFoKQ70Ii+2HHX3h+WkMl6oVEpZ32rmn5QvbZ8pS5Y
Flnli00aDIVDrxXInqiMLAig4yKKxT12uMH8lX9Ta3tyXSD3PG9QwYXbue1exwwo
uwizbTaFsnwb9H5vyNUG
=9XH/
—–END PGP SIGNATURE—–
_______________________________________________
cust-security-announce mailing list
cust-security-announce@cisco.com
To unsubscribe, send the command “unsubscribe” in the subject of your message to cust-security-announce-leave@cisco.com