129 matches found
CVE-2010-2837
The SIPStationInit implementation in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.1SU before 6.15SU1, 7.0SU before 7.02aSU3, 7.1SU before 7.13bSU2, 7.1 before 7.15, and 8.0 before 8.01 allows remote attackers to cause a denial of service process failure via a malformed SI...
Code injection
The SIPStationInit implementation in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.1SU before 6.15SU1, 7.0SU before 7.02aSU3, 7.1SU before 7.13bSU2, 7.1 before 7.15, and 8.0 before 8.01 allows remote attackers to cause a denial of service process failure via a malformed SI...
CVE-2010-2837
CVE-2010-2837 affects Cisco Unified Communications Manager (CUCM) via the SIPStationInit code; a malformed SIP message can trigger a remote denial of service (process failure). Affected CUCM versions include 6.x, 7.x, and 8.x; fixes are in 6.1(5)SU1, 7.0(2a)SU3, 7.1(3b)SU2, 7.1(5), and 8.0(1). Ci...
CVE-2010-2837
The SIPStationInit implementation in Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.1SU before 6.15SU1, 7.0SU before 7.02aSU3, 7.1SU before 7.13bSU2, 7.1 before 7.15, and 8.0 before 8.01 allows remote attackers to cause a denial of service process failure via a malformed SI...
CVE-2010-2838
CVE-2010-2838 affects Cisco Unified Communications Manager (CUCM). The vulnerability is caused by the SendCombinedStatusInfo implementation in CUCM’s SIP handling, where a malformed SIP REGISTER message can trigger a denial of service (process failure). Affected CUCM versions are 7.0(2a)SU3, 7.1(...
Design/Logic Flaw
Cisco Unified Communications Manager aka CUCM, formerly CallManager 6.x before 6.15, 7.x before 7.13asu1, and 8.x before 8.01 allows remote attackers to cause a denial of service process failure via a malformed SCCP 1 RegAvailableLines or 2 FwdStatReq message with an invalid Line number, aka Bug ...
CVE-2010-0590
CVE-2010-0590 affects Cisco Unified Communications Manager (CUCM) CMSIPUtility. It allows remote attackers to cause a DoS (process failure) via a malformed SIP Register message on CUCM 7.x prior to 7.1(3a)su1 and 8.x prior to 8.0(1); the vulnerability is fixed in CUCM 7.1(3a)su1 and 8.0(1).
CVE-2010-0587
CVE-2010-0587 affects Cisco Unified Communications Manager (CUCM) and is triggered by a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, leading to a DoS (process failure). The vulnerability impacts CUCM versions 4.x (before 4.3(2)SR2), 6.x (before 6.1(5)), 7.x (before ...
CVE-2010-0591
CVE-2010-0591 affects Cisco Unified Communications Manager (CUCM) where a malformed SIP REG message can cause a DoS (process failure) due to an overflow of the Telephone-URL field. Affected CUCM versions include 6.x prior to 6.1(5), 7.x prior to 7.1(3b)SU2, and 8.x prior to 8.0(1). Cisco fixed th...
CVE-2010-0588
Cisco Unified Communications Manager (CUCM) versions 6.x prior to 6.1(5), 7.x prior to 7.1(3a)su1, and 8.x prior to 8.0(1) are affected by a DoS vulnerability triggered by malformed SCCP messages (RegAvailableLines or FwdStatReq) containing an invalid Line number, which can cause a process failur...
CVE-2009-2864
Cisco Unified Communications Manager (CUCM) versions affected: 5.x before 5.1(3g); 6.x before 6.1(4); 7.0.x before 7.0(2a)su1; 7.1.x before 7.1(2). Root cause is a denial-of-service in the SIP handling that can crash/restart the CM process when processing crafted SIP messages. CVSS base score in ...
CVE-2009-2052
Cisco Unified Communications Manager aka CUCM, formerly CallManager 4.x, 5.x before 5.13g, 6.x before 6.14, 7.0 before 7.02, and 7.1 before 7.12; and Cisco Unified Presence 1.x, 6.x before 6.06, and 7.x before 7.04; allows remote attackers to cause a denial of service TCP services outage via a...
CVE-2009-2054
CVE-2009-2054 affects Cisco Unified Communications Manager (CUCM) 4.x, 5.x (before 5.1(3g)), 6.x (before 6.1(4)), 7.0 (before 7.0(2a)su1) and 7.1 (before 7.1(2a)su1). It enables remote attackers to cause a denial of service via a flood of TCP packets, leading to file-descriptor exhaustion and SIP...
CVE-2009-2050
CVE-2009-2050 concerns Cisco Unified Communications Manager (CUCM, formerly CallManager). The issue allows a remote attacker to cause a denial-of-service (voice-services outage) by sending a malformed header in a SIP message (Bug CSCsi46466). Affected products are CUCM before version 6.1(1), with...
CVE-2009-2053
Cisco Unified Communications Manager (CUCM) is affected by CVE-2009-2053 via a DoS vulnerability in the SCCP path: a flood of TCP packets can exhaust file descriptors and cause SCCP outages. Affected versions include CUCM 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 ...
CVE-2009-2052
CVE-2009-2052 affects Cisco Unified Communications Manager (CUCM) and Cisco Unified Presence. The DoS arises from the embedded firewall’s connection-tracking table being overwhelmed by many TCP connections, potentially interrupting system services. Affected CUCM versions: 4.x; 5.x up to 5.1(3g); ...
Code injection
The IP Phone Personal Address Book PAB Synchronizer feature in Cisco Unified Communications Manager aka CUCM, formerly CallManager 4.1, 4.2 before 4.23SR4b, 4.3 before 4.32SR1b, 5.x before 5.13e, 6.x before 6.13, and 7.0 before 7.02 sends privileged directory-service account credentials to the...
CVE-2009-0632
CVE-2009-0632 affects Cisco Unified Communications Manager (CUCM) IP Phone Personal Address Book (PAB) Synchronizer. The vulnerability leaks privileged directory-service credentials to the client during PAB sync, allowing an attacker who intercepts credentials to modify CUCM configuration and esc...
Cisco Unified Communications Manager CTI服务拒绝服务漏洞
BUGTRAQ ID: 29933 CVECAN ID: CVE-2008-2061 Cisco Unified Communications Manager(CUCM,之前被称为CallManager)是Cisco IP电话解决方案中的呼叫处理组件。 CUCM的计算机电话集成(CTI)管理器服务在处理畸形输入时存在拒绝服务漏洞,远程攻击者可以通过向默认的TCP 2748监听端口发送恶意报文导致语音服务中断。 Cisco Unified Communications Manager 6.x Cisco Unified Communications Manager 5.x 临时解决方法:...
Cisco Unified Communications Manager RIS数据收集器服务绕过认证漏洞
BUGTRAQ ID: 29935 CVECAN ID: CVE-2008-2062,CVE-2008-2730 Cisco Unified Communications Manager(CUCM,之前被称为CallManager)是Cisco IP电话解决方案中的呼叫处理组件。 CUCM的实时信息服务器(RIS)数据收集器服务存在绕过认证漏洞,可能导致非授权泄露某些CUCM集群信息。...