Newly found
Vulnerabilities 04/05/08:
Cisco Unified Communication Disaster Recovery Framework Vulnerability
Cisco has released a patch to address vulnerability in the
Unified Communication Disaster Recovery Framework. This vulnerability is due to
improper authentication of requests received over the network. This
vulnerability may allow a remote, unauthenticated attacker to execute arbitrary
code, gain control of the affected system, obtain and modify system
configuration parameters, or cause a denial-of-service condition.
We encourage users and administrators to review Cisco advisory cisco-sa-20080403-drf and apply the patch or use the workarounds.