Avaya PCRE, IBM AIX Multiple Vulns

Certain Avaya products are affected by a vulnerability in PCRE (perl compatible regular expressions). This could cause a denial of service on the Avaya system, or lead to compromise using the affected library. The following applications are affected:

* Avaya Communication Manager (CM 3.x and 4.x)
* Avaya CCS/SES (3.1.1, 3.1.2 and 4.0)
* Avaya AES (4.0.1, 4.1)
* Avaya Intuity AUDIX LX (2.0)
* Avaya Message Networking (3.1)
* Avaya Messaging Storage Server (MSS 3.x)

For more information, see the original advisory at http://support.avaya.com/elmodocs2/security/ASA-2007-505.htm.

IBM AIX 5.x contains multiple, unspecified vulnerabilities. There are too many to list here, so if you are a user of AIX 5.x, please visit IBM support and obtain the latest updates for your specific version.

Leave a Reply