The SISCO OSI stack for Windows, as used by MMS-EASE 7.10 and earlier, AX-S4 MMS 5.01 and earlier, AX-S4 ICCP 3.0103 and earlier, and the ICCP Toolkit for MMS-EASE 4.10 and earlier, allows remote attackers to cause a denial of service (process crash) via certain network traffic, as demonstrated using a Nessus scan.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Ax-s4_iccp | Sisco | * | 3.0103 (including) |
| Ax-s4_mms | Sisco | * | 5.01 (including) |
| Iccp_toolkit_for_mms-ease | Sisco | * | 4.10 (including) |
| Mms-ease | Sisco | * | 7.10 (including) |
References
- http://secunia.com/advisories/22047
- http://www.kb.cert.org/vuls/id/468798
- http://www.securityfocus.com/bid/20130
- http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf
- http://www.vupen.com/english/advisories/2006/3733
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29072
- http://secunia.com/advisories/22047
- http://www.kb.cert.org/vuls/id/468798
- http://www.securityfocus.com/bid/20130
- http://www.sisconet.com/downloads/NESSUS_Vulnerability_Announcement.pdf
- http://www.vupen.com/english/advisories/2006/3733
- https://exchange.xforce.ibmcloud.com/vulnerabilities/29072