Some vulnerabilities and a security issue have been reported in Cisco Unity, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

1) An error exists within the authentication process in the Cisco Unity server, which can be exploited to bypass the authentication mechanism and view or modify certain system configuration parameters.

2) An error in the session handling in the Cisco Unity server can be exploited to cause a DoS by exhausting all available sessions.

Successful exploitation of these vulnerabilities requires that the Cisco Unity server is configured for anonymous authentication (not the default configuration).

3) A security issue is caused due to insecure permissions on "\CommServer\Reports", which can be exploited by domain users to disclose potentially sensitive information.

Solution
Update to version 4.0ES161, 5.0ES53, or 7.0ES8.
Further details available to Secunia VIM customers

Provided and/or discovered by
VoIPshield Systems

Changelog
Further details available to Secunia VIM customers

Original Advisory
Cisco:
http://www.cisco.com/warp/public/707/cisco-sa-20081008-unity.shtml
http://www.cisco.com/warp/public/707/cisco-sr-20081008-unity.shtml

VoIPshield:
http://www.voipshield.com/research-details.php?id=126&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC
http://www.voipshield.com/research-details.php?id=128&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC
http://www.voipshield.com/research-details.php?id=130&s=1&threats_details=&threats_category=0&threats_vendor=0&limit=20&sort=discovered&sortby=DESC

Deep Links
Links available to Secunia VIM customers