Description: Avaya has acknowledged some vulnerabilities in httpd/mod_ssl included in some products, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially bypass certain security restrictions.
The vulnerabilities have been reported in the following products:
* Avaya S8710/S8700/S8500/S8300 (version 2.x and 3.0)
* Avaya Converged Communication Server (CCS) / SIP Enablement Services (SES)
* Avaya Modular Messaging Message Storage Server (MSS)
Solution: The vendor recommends that local and network access to the affected systems should be restricted until an update is available.
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
