发布日期：2016-08-07
更新日期：2016-08-08

受影响系统：

Cisco Unified Communications Manager IM and Presence Ser 9.1(1) SU7
Cisco Unified Communications Manager IM and Presence Ser 9.1(1) SU6a
Cisco Unified Communications Manager IM and Presence Ser 9.1(1) SU6
Cisco Unified Communications Manager IM and Presence Ser 11.5(1)
Cisco Unified Communications Manager IM and Presence Ser 11.0(1) SU1
Cisco Unified Communications Manager IM and Presence Ser 10.5(2) SU2a
Cisco Unified Communications Manager IM and Presence Ser 10.5(2) SU2

描述：

---

CVE(CAN) ID: CVE-2016-1466

Cisco Unified Communications Manager是企业级IP电话呼叫处理系统。

Cisco Unified Communications Manager IM and Presence Service 9.1(1) SU6, 9.1(1) SU6a, 9.1(1) SU7, 10.5(2) SU2, 10.5(2) SU2a, 11.0(1) SU1, 11.5(1)在会话初始化协议处理功能中存在安全漏洞。远程攻击者向目标系统发送构造的SIP包，可造成SIPD进程重启，导致拒绝服务。

<*来源：Cisco
  
  链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-ucm
*>

建议：

---

厂商补丁：

Cisco
-----
Cisco已经为此发布了一个安全公告（cisco-sa-20160803-ucm）以及相应补丁:
cisco-sa-20160803-ucm：Cisco Unified Communications Manager IM and Presence Service SIP Packet Processing Denial of Service Vulnerability
链接：http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-ucm

浏览次数：1744
严重程度：0（网友投票）