Cisco Unified Communications Manager SIP服务拒绝服务漏洞

2008-09-26T00:00:00
ID SSV:4106
Type seebug
Reporter Root
Modified 2008-09-26T00:00:00

Description

BUGTRAQ ID: 31367 CVE ID: CVE-2008-3800 CVE-2008-3801 CNCVE ID:CNCVE-20083800 CNCVE-20083801

Cisco Unified Communications Manager是一款Cisco IP电话解决方案中的呼叫处理组件。 Cisco Unified Communications Manager SIP服务处理存在两个拒绝服务攻击,远程攻击者可以利用漏洞使语音服务破坏。 Cisco Unified Communications Manager的SIP实现在处理特定的合法的SIP消息时可触发Cisco Unified Communications Manager进程重载。Cisco Unified CallManager 4.x默认不启用SIP,除非使用了SIP TRUNK。Cisco Unified CallManager 5.x及之后版本默认启用了SIP但不能被禁用。 此漏洞的Cisco bug ID为Cisco Bug ID CSCsu38644和CSCsm46064。CVE ID为CVE-2008-3800和CVE-2008-3801。

Cisco Unified Communications Manager 6.1(2) Cisco Unified Communications Manager 6.1(1a) Cisco Unified Communications Manager 6.1(1) Cisco Unified Communications Manager 6.1 Cisco Unified Communications Manager 6.0(1) Cisco Unified Communications Manager 6.0 (1a) Cisco Unified Communications Manager 6.0 Cisco Unified Communications Manager 5.1(3C) Cisco Unified Communications Manager 5.1(3a) Cisco Unified Communications Manager 5.1(3) Cisco Unified Communications Manager 5.1(2b) Cisco Unified Communications Manager 5.1(2) Cisco Unified Communications Manager 5.1(1) Cisco Unified Communications Manager 5.1 (2a) Cisco Unified Communications Manager 4.3(2)SR1 Cisco Unified Communications Manager 4.3(2) Cisco Unified Communications Manager 4.3(1)sr.1 Cisco Unified Communications Manager 4.3 Cisco Unified Communications Manager 4.2(3)sr.2 Cisco Unified Communications Manager 4.2 (3)SR4 Cisco Unified Communications Manager 4.2 (3)SR3 Cisco Unified Communications Manager 4.2 (3)SR2b Cisco Unified Communication Manager 5.0 Cisco Unified CallManager 6.0 Cisco Unified CallManager 5.1 Cisco Unified CallManager 5.0(4a)SU1 Cisco Unified CallManager 5.0(4) Cisco Unified CallManager 5.0(3a) Cisco Unified CallManager 5.0(3) Cisco Unified CallManager 5.0(2) Cisco Unified CallManager 5.0(1) Cisco Unified CallManager 5.0 Cisco Unified CallManager 5.0 Cisco Unified CallManager 5.0 Cisco Unified CallManager 4.3(1)sr1 Cisco Unified CallManager 4.2(3)sr2 Cisco Unified CallManager 4.2(3)SR1 Cisco Unified CallManager 4.2 Cisco Unified CallManager 4.1(3)SR7 Cisco Unified CallManager 4.1(3)sr5 Cisco Unified CallManager 4.1(3)SR4 Cisco Unified CallManager 4.1(3)sr.5 Cisco Unified CallManager 4.1 (3)SR5c Cisco Unified CallManager 4.1 (3)SR5b Cisco Unified CallManager 4.1 Cisco Call Manager 4.1 (3)SR2 Cisco Call Manager 4.1 (3)SR1 Cisco Call Manager 4.1 (3)ES32 Cisco Call Manager 4.1 (3)ES24 Cisco Call Manager 4.1 (3)ES07 Cisco Call Manager 4.1 (2)ES55 Cisco Call Manager 4.1 (2)ES50 Cisco Call Manager 4.1 (2)ES33 Cisco Call Manager 5.1 Cisco Call Manager 4.3(1) Cisco Call Manager 4.2(3) Cisco Call Manager 4.1(3)SR4

可参考如下安全公告获得补丁信息: <a href=http://www.cisco.com/warp/public/707/cisco-sa-20080924-cucm.shtml target=_blank>http://www.cisco.com/warp/public/707/cisco-sa-20080924-cucm.shtml</a>