Cisco voice products on IBM servers contain a flaw that may allow a remote denial of service. The issue is triggered by an insecure installation of IBM Director by the Cisco default installations, and will result in loss of availability for the platform.

The default installations of Cisco voice products on IBM servers will install IBM Director in unsecure state leaving TCP and UDP ports 14247 open. A network security scanner scanning port 14247 can trigger the IBM Director agent process twgipc.exe to use 100% of the CPU until the server is rebooted

The vulnerabilities are specific to Cisco voice products on IBM servers and all vulnerabilities listed in this advisory can be mitigated with the repair script without requiring an upgrade.

The vulnerabilities are specific to Cisco voice products on IBM servers and all vulnerabilities listed in this advisory can be mitigated with the repair script without requiring an upgrade.

• Secunia Advisory ID: 10696
• ISS X-Force ID: 14901
• CVE ID: 2004-1759 (see also: NVD)
• Related OSVDB ID: 3692
• Other Advisory URL: http://archives.neohapsis.com/archives/cisco/2002-q1/0004.html
• Vendor Specific Advisory URL: http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml
• CIAC Advisory: o-066

Unknown or Incomplete