This article is more than 1 year old

Cisco Videoscape bug could bring endless repeats to your tellie

Cloudy PVR has denial of service problem, but the fix is in

Cisco is asking Web broadcasters using its Videoscape TV-over-IP streaming product to get patching, after a denial-of-service vulnerability was found in the software.

The system, kicked off in 2011 and rolled into a bigger “Evolved Services Platform” in 2014, is a cloudy PVR with transcoder and video optimisation.

The Borg's advisory says an input validation bug (CVE-2015-0725) in the Videoscape Distribution Suite's HTTP processing module lets attackers force reloads over HTTP.

“Successful exploitation of the vulnerability could allow the attacker to trigger device instability and could cause a device to reload. Repeated exploitation could result in a sustained DoS condition,” the advisory says.

There is a patch, but there's no workaround before the patch is applied. ®

More about

TIP US OFF

Send us news


Other stories you might like