Cisco TANDBERG MXP < 9.0 SNMP Packet Handling DoS

high Nessus Plugin ID 69825

Synopsis

An application on the remote host is affected by a denial of service vulnerability.

Description

The remote host is running TANDBERG MXP Endpoint, an application used for video conferencing.

According to the version number identified in the telnet banner, the TANDBERG MXP Endpoint version running on the remote host is less than F9.0. As such, the install is potentially affected by a remote denial of service condition as the firmware incorrectly processes Simple Network Management Protocol (SNMP) packets. A remote, unauthenticated attacker could exploit this issue by sending a specially crafted SNMP packet to the affected device causing a denial of service (DoS) condition.

Note that Nessus did not test for this issue, but rather relied on the application's self-reported version number.

Solution

Upgrade to version F9.0 or later.

See Also

https://seclists.org/fulldisclosure/2010/Aug/381

https://tools.cisco.com/security/center/viewAlert.x?alertId=21335

http://www.nessus.org/u?91c9ea23

Plugin Details

Severity: High

ID: 69825

File Name: cisco_tandberg_mxp_dos.nasl

Version: 1.7

Type: remote

Family: CISCO

Published: 9/10/2013

Updated: 6/3/2021

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: High

Base Score: 7.8

Temporal Score: 6.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Information

CPE: cpe:/a:cisco:tandberg_endpoint

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 9/9/2010

Vulnerability Publication Date: 8/28/2010

Reference Information

BID: 42827

IAVB: 2010-B-0086-S