9 matches found
iCULeak - Tool To Find And Extract Credentials From Phone Configuration Files Hosted On Cisco CUCM
Tool to find and extract credentials from phone configuration files in environments managed by Cisco's CUCM Call Manager. When using Cisco's CUCM Call Manager, phone configuration files are stored on a TFTP server. These phone configuration files quite frequently contain sensitive data, including...
Sql injection
SQL injection vulnerability in Cisco Unified Communications Manager CUCM 7.1x through 9.11a allows remote attackers to execute arbitrary SQL commands via unspecified vectors, leading to discovery of encrypted credentials by leveraging metadata, aka Bug ID CSCuh01051...
Cisco CUCM Directory Traversal / Reversible Obfuscation
Recurity Labs GmbH http://www.recurity-labs.com [email protected] Date: 08.11.2011 Vendor: Cisco Systems Product: CUCM Environment Cisco Unified Communications Manager CallManager Cisco IP Phone CP-7975G Vulnerability: Directory Traversal Reversible Obfuscation Algorithm SCCP service...
Directory traversal
Directory traversal vulnerability in Cisco Unified Communications Manager CUCM 5.x and 6.x before 6.15SU2, 7.x before 7.15bSU2, and 8.x before 8.03, and Cisco Unified Contact Center Express aka Unified CCX or UCCX and Cisco Unified IP Interactive Voice Response Unified IP-IVR before 6.01SR1ES8,...
Code injection
The Packet Capture Service in Cisco Unified Communications Manager aka CUCM, formerly CallManager 4.x does not properly handle idle TCP connections, which allows remote attackers to cause a denial of service memory consumption and restart by making many connections, aka Bug ID CSCtf97162...
Memory corruption
Memory leak in the Certificate Trust List CTL Provider service in Cisco Unified Communications Manager CUCM 5.x before 5.13 allows remote attackers to cause a denial of service memory consumption and service interruption via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug I...
CVE-2008-1743
Memory leak in the Certificate Trust List CTL Provider service in Cisco Unified Communications Manager CUCM 5.x before 5.13 and 6.x before 6.11 allows remote attackers to cause a denial of service memory consumption and service interruption via a series of malformed TCP packets, aka Bug ID...
Memory corruption
Memory leak in the Certificate Trust List CTL Provider service in Cisco Unified Communications Manager CUCM 5.x before 5.13 and 6.x before 6.11 allows remote attackers to cause a denial of service memory consumption and service interruption via a series of malformed TCP packets, aka Bug ID...
CVE-2008-1743
Memory leak in the Certificate Trust List CTL Provider service in Cisco Unified Communications Manager CUCM 5.x before 5.13 and 6.x before 6.11 allows remote attackers to cause a denial of service memory consumption and service interruption via a series of malformed TCP packets, aka Bug ID...