Zotob update



There was an update at Incidents.org on the Zotob worm and specifically an advisory related to Cisco products.


From their site….

**snipped from NISCC**

“Affected Products
=================
If the software versions or configuration information are provided, then only those combinations are vulnerable. This is a list of appliance software that needs patches downloaded from Cisco:
* Cisco CallManager
* Cisco Customer Response Application Server (CRA)
* Cisco Personal Assistant
* Cisco Conference Connection (CCC)
* Cisco Emergency Responder

Other Cisco products that run on a Microsoft-based operating system should strongly consider loading the security update from Microsoft at
http://www.microsoft.com/technet/security/Bulletin/MS05-039.mspx

This list is not all inclusive, so refer to Microsoft’s Advisory if you think you have an affected Microsoft platform.

* Cisco Unity
* Cisco Building Broadband Service Manager (BBSM)
* Cisco CNS Network Registrar (CNR)
* Cisco Customer Voice Portal
* Cisco ICM Enterprise Edition
* Cisco ICM Hosted Edition
* Cisco IP Contact Center (IPCC) (Express, Enterprise, Hosted, Remote Agent)
* Cisco E-mail Manager (CEM)
* Cisco Web Collaboration Option
* Cisco Collaboration Server Dynamic Content Adapter
* Cisco Media Blender (CMB)
* Cisco IP Interactive Voice Response
* IP Queue Manager
* Cisco Customer Voice Portal
* Cisco Computer Telephony Integration Option
* Cisco Outbound Option
* Cisco Remote Monitoring Suite Option
* Cisco Support Tools
* TrailHead (Part of the Web Gateway solution)
* Cisco Networking Services for Active Directory (CNS/AD)
* Cisco SN 5400 Series Storage Routers (driver to interface to Windows server)

* CiscoWorks
— + CiscoWorks VPN/Security Management Solution (CWVMS)
— + User Registration Tool
_- + LAN Management Solution
— + Routed WAN Management
— + Service Management
— + IP Telephony Environment Monitor
— + Small Network Management Solution
— + QoS Policy Manager
— + Voice Manager

* Cisco Transport Manager (CTM)
* Cisco Broadband Troubleshooter (CBT)
* DOCSIS CPE Configurator
* Access Control Server (ACS)

* Videoconferencing Applications
— + IP/VC 3540 Video Rate Matching Module
— + IP/VC 3540 Application Server”

The advisory also includes ACL’s for IOS.

   Send article as PDF   

Similar Posts