Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:3482
HistoryJun 28, 2008 - 12:00 a.m.

Cisco Unified Communications Manager CTI服务拒绝服务漏洞

2008-06-2800:00:00
Root
www.seebug.org
11

0.011 Low

EPSS

Percentile

82.9%

JSON

BUGTRAQ ID: 29933
CVE(CAN) ID: CVE-2008-2061

Cisco Unified Communications Manager(CUCM,之前被称为CallManager)是Cisco IP电话解决方案中的呼叫处理组件。

CUCM的计算机电话集成(CTI)管理器服务在处理畸形输入时存在拒绝服务漏洞,远程攻击者可以通过向默认的TCP 2748监听端口发送恶意报文导致语音服务中断。

Cisco Unified Communications Manager 6.x
Cisco Unified Communications Manager 5.x
临时解决方法:

  • 仅允许来自包含有运行启用了CTI应用的网络对TCP 2748端口的访问。

厂商补丁:

Cisco

Cisco已经为此发布了一个安全公告(cisco-sa-20080625-cucm)以及相应补丁:
cisco-sa-20080625-cucm:Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities
链接:<a href=“http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml” target=“_blank”>http://www.cisco.com/warp/public/707/cisco-sa-20080625-cucm.shtml</a>

补丁下载:
<a href=“http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=null&amp;isPlatform=Y&amp;mdfid=280735907&amp;sftType=Unified Communications Manager Updates&amp;treeName=Voice and Unified Communications&amp;modelName=Cisco Unified Communications Manager Version 5.1&amp;mdfLevel=Software Version/Option&amp;treeMdfId=278875240&amp;modifmdfid=null&amp;imname=null&amp;hybrid=Y&amp;imst=N” target=“_blank”>http://tools.cisco.com/support/downloads/go/ReleaseType.x?optPlat=null&amp;isPlatform=Y&amp;mdfid=280735907&amp;sftType=Unified Communications Manager Updates&amp;treeName=Voice and Unified Communications&amp;modelName=Cisco Unified Communications Manager Version 5.1&amp;mdfLevel=Software Version/Option&amp;treeMdfId=278875240&amp;modifmdfid=null&amp;imname=null&amp;hybrid=Y&amp;imst=N</a>
<a href=“http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified Communications Manager Updates&amp;mdfid=281023410&amp;treeName=Voice and Unified Communications&amp;mdfLevel=Software Version/Option&amp;url=null&amp;modelName=Cisco Unified Communications Manager Version 6.1&amp;isPlatform=N&amp;treeMdfId=278875240&amp;modifmdfid=null&amp;imname=null&amp;hybrid=Y&amp;imst=N” target=“_blank”>http://tools.cisco.com/support/downloads/go/PlatformList.x?sftType=Unified Communications Manager Updates&amp;mdfid=281023410&amp;treeName=Voice and Unified Communications&amp;mdfLevel=Software Version/Option&amp;url=null&amp;modelName=Cisco Unified Communications Manager Version 6.1&amp;isPlatform=N&amp;treeMdfId=278875240&amp;modifmdfid=null&amp;imname=null&amp;hybrid=Y&amp;imst=N</a>

Related

prion 1
cve 1
securityvulns 2
cisco 1
prion
prion
Design/Logic Flaw
2008-06-26 17:41:00
cve
cve
CVE-2008-2061
2008-06-26 17:41:00
securityvulns
securityvulns
Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities
2008-06-25 00:00:00
Cisco Unified Communications Manager multiple security vulnerabilities
2008-06-25 00:00:00
cisco
cisco
Cisco Unified Communications Manager Denial of Service and Authentication Bypass Vulnerabilities
2008-06-25 16:00:00

0.011 Low

EPSS

Percentile

82.9%

JSON
Related for SSV:3482
prion1cve1securityvulns2cisco1