Cisco Telepresence System Software vulnerabilities

CVE-2011-0374 [CRITICAL] CWE-78 CVE-2011-0374: The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allo The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote authenticated users to execute arbitrary commands via a malformed request, related to "command injection vulnerabilities," aka Bug ID CSCtb31659.

CVE-2011-0379 [HIGH] CWE-119 CVE-2011-0379: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 1.6.x; Cisco TelePresence Multipoint Switch (CTMS) devices with software 1.0.x, 1.1.x, 1.5.x, and 1.6.x; Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x; and Cisco TelePresence Manager 1.2.x, 1.3.x, 1.4.x, 1.5.x, and 1.6.2 allows remote at

CVE-2011-0377 [HIGH] CWE-399 CVE-2011-0377: Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to caus Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x allow remote attackers to cause a denial of service (service crash) via a malformed SOAP request in conjunction with a spoofed TelePresence Manager that supplies an invalid IP address, aka Bug ID CSCth03605.

CVE-2011-0378 [HIGH] CWE-78 CVE-2011-0378: The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x allows remote attackers to execute arbitrary commands via a TCP request, related to a "command injection vulnerability," aka Bug ID CSCtb52587.