Reported January 19, 2005, by Cisco Systems

VERSIONS AFFECTED

         Version 12.1YD, 12.2T, 12.3 and 12.3T

DESCRIPTION

Cisco devices running Internetwork Operating System (IOS) that have been configured for Telephony Service, CallManager Express (CME) or Survivable Remote Site Telephony (SRST), contain a vulnerability that might cause the device to reload. Ttherefore the vulnerability could be used for denial of service (DoS) attacks.

VENDOR RESPONSE

Cisco has released an advisory which contains specific IOS upgrade information. See the bulletin for details about to upgrade your particular IOS version.

CREDIT
Discovered by SecureTest