Denial of Service Vulnerability in Cisco Unified Presence
CVE-2009-2874

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Presence Server
Vendor: CVE Published:; 16 October 2009

What is CVE-2009-2874?

The TimesTenD process in Cisco Unified Presence versions 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) is susceptible to a denial of service condition. This vulnerability allows remote attackers to crash the process through the establishment of a large number of TCP connections targeting specific ports (16200 and 22794). This can disrupt the services provided by the Cisco Unified Presence application, affecting operational continuity.

References

http://www.vupen.com/english/advisories/2009/2915

vdb-entryx_refsource_VUPEN

https://exchange.xforce.ibmcloud.com/vulnerabilities/53772

vdb-entryx_refsource_XF

http://www.securityfocus.com/bid/36675

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 16, 2009
Vulnerability Reserved
Aug 19, 2009