Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing

2012-10-31T16:00:00
ID CISCO-SA-20121031-MP
Type cisco
Reporter Cisco
Modified 2012-11-27T14:29:07

Description

Cisco Unified MeetingPlace Web Conferencing is affected by two vulnerabilities:

Cisco Unified MeetingPlace Web Conferencing SQL Injection Vulnerability
Cisco Unified MeetingPlace Web Conferencing Buffer Overrun Vulnerability

Exploitation of the Cisco Unified MeetingPlace Web Conferencing SQL Injection Vulnerability may allow an unauthenticated, remote attacker to send Structured Query Language (SQL) commands to manipulate the MeetingPlace database, which stores information about server configuration, meetings, and users. These commands may be used to create, delete, or alter some of the information in the Cisco Unified MeetingPlace Web Conferencing database.

Exploitation of the Cisco Unified MeetingPlace Web Conferencing Buffer Overrun Vulnerability may allow an unauthenticated, remote attacker to create a buffer overrun condition that may cause the Web Conferencing server to become unresponsive.

Cisco has released software updates that address these vulnerabilities. There are no workarounds that mitigate these vulnerabilities. This advisory is available at the following link:

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20121031-mp

The Cisco Unified MeetingPlace Web Conferencing service contains a vulnerability that could allow an unauthenticated, remote attacker to create a buffer overrun condition that may cause the Web Conferencing server to become unresponsive.

The vulnerability is due to insufficient validation of some parameter values of an HTTP POST request. An attacker may be able to exploit this vulnerability by crafting the value of the vulnerable parameters in an HTTP POST request directed to the affected system. An exploit could allow the attacker to cause the Web Conferencing server to become unresponsive.

The Cisco Unified MeetingPlace Web Conferencing service contains a vulnerability that could allow an unauthenticated, remote attacker to inject Structured Query Language (SQL) commands that may affect the integrity and availability of the data stored in the MeetingPlace Web Conferencing internal database. This data may include server configurations, meetings, and users.

The vulnerability is due to insufficient validation of some of the parameters passed through the HTTP POST method. An attacker could exploit this vulnerability by inserting malicious SQL commands in the HTTP POST request directed to the affected system. An exploit could allow the attacker to modify or delete data from the Web Conferencing database.
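Both vulnerabilities described above share one root cause: HTTP POST parameter values reach application logic without validation. The following added example (not Cisco code, and not MeetingPlace's real schema or handler) shows the two defensive controls that address that class of defect in a generic form handler: a per-parameter length bound and name allow-list applied before any value is used (the check whose absence lets an oversized value reach a fixed-size buffer), and a parameterized query instead of string concatenation (the change that makes a value with embedded quotes inert). The `meetings` table, the `MAX_PARAM_LEN` bound and the `owner`/`title` parameter names are constructed for the illustration.

```python
import sqlite3
from urllib.parse import parse_qs

# Constructed sample schema for the demonstration (assumption: this is not
# the MeetingPlace Web Conferencing database layout).
SCHEMA = """
CREATE TABLE meetings (id INTEGER PRIMARY KEY, title TEXT, owner TEXT);
INSERT INTO meetings (title, owner) VALUES ('Quarterly review', 'alice');
INSERT INTO meetings (title, owner) VALUES ('Incident retro', 'bob');
"""

# Assumed bounds: the allow-list and the per-value length limit are chosen
# for this example; a real handler sets them per field from the data model
# and from the size of any fixed buffer the value is later copied into.
ALLOWED_PARAMS = {"title", "owner"}
MAX_PARAM_LEN = 256


class ValidationError(ValueError):
    """Raised when a POST body fails the pre-processing checks."""


def parse_post_body(body: str) -> dict:
    """Parse an application/x-www-form-urlencoded POST body.

    Every parameter name must be on the allow-list, appear exactly once,
    and its decoded value must fit within MAX_PARAM_LEN. A request that
    fails any check is rejected before the values reach any other code.
    """
    raw = parse_qs(body, keep_blank_values=True, strict_parsing=True)
    params = {}
    for name, values in raw.items():
        if name not in ALLOWED_PARAMS:
            raise ValidationError(f"unexpected parameter: {name}")
        if len(values) != 1:
            raise ValidationError(f"parameter repeated: {name}")
        value = values[0]
        if len(value.encode("utf-8")) > MAX_PARAM_LEN:
            raise ValidationError(f"parameter too long: {name}")
        params[name] = value
    return params


def find_meetings_unsafe(conn: sqlite3.Connection, owner: str) -> list:
    """Defective form: the value is spliced into the SQL text, so any quote
    characters it contains change the statement's structure."""
    sql = "SELECT title FROM meetings WHERE owner = '" + owner + "'"
    return [row[0] for row in conn.execute(sql)]


def find_meetings_safe(conn: sqlite3.Connection, owner: str) -> list:
    """Hardened form: the value is bound as a parameter and is only ever
    compared as data, whatever characters it contains."""
    sql = "SELECT title FROM meetings WHERE owner = ?"
    return [row[0] for row in conn.execute(sql, (owner,))]


def new_db() -> sqlite3.Connection:
    """Create the in-memory sample database."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def handle_post(conn: sqlite3.Connection, body: str) -> dict:
    """Hardened request path: validate first, then query with parameters.

    Returns a small result dict standing in for an HTTP response.
    """
    try:
        params = parse_post_body(body)
    except ValueError as exc:  # ValidationError and parse_qs' own errors
        return {"status": 400, "error": str(exc)}
    owner = params.get("owner", "")
    return {"status": 200, "titles": find_meetings_safe(conn, owner)}


if __name__ == "__main__":
    db = new_db()
    print(handle_post(db, "owner=alice"))
    print(handle_post(db, "owner=" + "A" * 300))
    print(handle_post(db, "owner=x%27+OR+%271%27%3D%271"))
```

The two query functions are kept side by side so the effect of binding can be seen on the same input: a value containing a single quote widens the concatenated statement to every row, while the parameterized statement simply matches no owner of that name. The length bound is enforced on the encoded byte length, since that is what a downstream fixed-size buffer would receive.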