Vulnerability Description
The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections to ports 16200 and 22794, aka Bug ID CSCsy17662.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Cisco | Unified Presence Server | 1.0 |
References
- http://secunia.com/advisories/37039Vendor Advisory
- http://securitytracker.com/id?1023018
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.sPatchVendor Advisory
- http://www.securityfocus.com/bid/36675
- http://www.vupen.com/english/advisories/2009/2915Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53772
- http://secunia.com/advisories/37039Vendor Advisory
- http://securitytracker.com/id?1023018
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080afc930.sPatchVendor Advisory
- http://www.securityfocus.com/bid/36675
- http://www.vupen.com/english/advisories/2009/2915Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53772
FAQ
What is CVE-2009-2874?
CVE-2009-2874 is a vulnerability with a CVSS score of 7.8 (HIGH). The TimesTenD process in Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4) allows remote attackers to cause a denial of service (process crash) via a large number of TCP connections...
How severe is CVE-2009-2874?
CVE-2009-2874 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-2874?
Check the references section above for vendor advisories and patch information. Affected products include: Cisco Unified Presence Server.