Last Updated: 2010-02-17 21:51:12 UTC
by Rob VandenBrink (Version: 1)
From the advisory, specific CSA versions and components are vulnerable to SQL injection and directory traversal (allowing unauthorized configuration changes, for instance), as well as a DoS (Denial of Service) condition.
Cisco Security Agent releases 5.1, 5.2 and 6.0 are affected by the SQL injection vulnerability. Only Cisco Security Agent release 6.0 is affected by the directory traversal vulnerability. Only Cisco Security Agent release 5.2 is affected by the DoS vulnerability.
Note: Only the Management Center for Cisco Security Agents is affected by the directory traversal and SQL injection vulnerabilities. The agents installed on user end-points are not affected.
Only Cisco Security Agent release 5.2 for Windows and Linux, either managed or standalone, is affected by the DoS vulnerability.
Standalone agents are installed in the following products:
* Cisco Unified Communications Manager (CallManager)
* Cisco Conference Connection (CCC)
* Emergency Responder
* IPCC Express
* IPCC Enterprise
* IPCC Hosted
* IP Interactive Voice Response (IP IVR)
* IP Queue Manager
* Intelligent Contact Management (ICM)
* Cisco Voice Portal (CVP)
* Cisco Unified Meeting Place
* Cisco Personal Assistant (PA)
* Cisco Unity
* Cisco Unity Connection
* Cisco Unity Bridge
* Cisco Secure ACS Solution Engine
* Cisco Internet Service Node (ISN)
* Cisco Security Manager (CSM)
Note: The Sun Solaris version of the Cisco Security Agent is not affected by these vulnerabilities.
The full advisory, including a matrix of vulnerable and fixed versions, can be found here ==> http://www.cisco.com/warp/public/707/cisco-sa-20100217-csa.shtml
=============== Rob VandenBrink Metafore ===============