CVE-2011-0388 Information

Description

Cisco TelePresence Recording Server devices with software 1.6.x and Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x 1.1.x 1.5.x and 1.6.x do not properly restrict remote access to the Java servlet RMI interface which allows remote attackers to cause a denial of service (memory consumption and web outage) via multiple crafted requests aka Bug IDs CSCtg35830 and CSCtg35825.

Reference

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e11d.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6e14e.shtml http://www.securityfocus.com/bid/46523 http://www.securitytracker.com/id?1025113 http://www.securitytracker.com/id?1025114