All the vulnerabilites related to cisco - unified_callmanager
cve-2006-5278
Vulnerability from cvelistv5
Published
2007-07-15 22:00
Modified
2024-08-07 19:48
Severity ?
EPSS score ?
Summary
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/19057 | vdb-entry, x_refsource_XF | |
| http://www.iss.net/threats/271.html | third-party-advisory, x_refsource_ISS | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2007/2512 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/26043 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24868 | vdb-entry, x_refsource_BID | |
| http://securitytracker.com/id?1018369 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/36121 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.521Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "negative-integer-bo(19057)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
},
{
"name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/271.html"
},
{
"name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"name": "ADV-2007-2512",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"name": "26043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26043"
},
{
"name": "24868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"name": "1018369",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018369"
},
{
"name": "36121",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36121"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "negative-integer-bo(19057)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
},
{
"name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/271.html"
},
{
"name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"name": "ADV-2007-2512",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"name": "26043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26043"
},
{
"name": "24868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"name": "1018369",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018369"
},
{
"name": "36121",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36121"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5278",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "negative-integer-bo(19057)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
},
{
"name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/271.html"
},
{
"name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"name": "ADV-2007-2512",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"name": "26043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26043"
},
{
"name": "24868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24868"
},
{
"name": "1018369",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018369"
},
{
"name": "36121",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36121"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5278",
"datePublished": "2007-07-15T22:00:00",
"dateReserved": "2006-10-13T00:00:00",
"dateUpdated": "2024-08-07T19:48:28.521Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0027
Vulnerability from cvelistv5
Published
2008-01-17 02:00
Modified
2024-08-07 07:32
Severity ?
EPSS score ?
Summary
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/486432/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.vupen.com/english/advisories/2008/0171 | vdb-entry, x_refsource_VUPEN | |
| http://securityreason.com/securityalert/3551 | third-party-advisory, x_refsource_SREASON | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml | vendor-advisory, x_refsource_CISCO | |
| http://dvlabs.tippingpoint.com/advisory/TPTI-08-02 | x_refsource_MISC | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/39704 | vdb-entry, x_refsource_XF | |
| http://www.securitytracker.com/id?1019223 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/27313 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/28530 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:23.600Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080116 TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/486432/100/0/threaded"
},
{
"name": "ADV-2008-0171",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0171"
},
{
"name": "3551",
"tags": [
"third-party-advisory",
"x_refsource_SREASON",
"x_transferred"
],
"url": "http://securityreason.com/securityalert/3551"
},
{
"name": "20080116 Cisco Unified Communications Manager CTL Provider Heap Overflow",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-02"
},
{
"name": "cisco-cucm-ctl-bo(39704)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39704"
},
{
"name": "1019223",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019223"
},
{
"name": "27313",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27313"
},
{
"name": "28530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28530"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-01-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-15T20:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20080116 TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/486432/100/0/threaded"
},
{
"name": "ADV-2008-0171",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0171"
},
{
"name": "3551",
"tags": [
"third-party-advisory",
"x_refsource_SREASON"
],
"url": "http://securityreason.com/securityalert/3551"
},
{
"name": "20080116 Cisco Unified Communications Manager CTL Provider Heap Overflow",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-02"
},
{
"name": "cisco-cucm-ctl-bo(39704)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39704"
},
{
"name": "1019223",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019223"
},
{
"name": "27313",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27313"
},
{
"name": "28530",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28530"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-0027",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080116 TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/486432/100/0/threaded"
},
{
"name": "ADV-2008-0171",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0171"
},
{
"name": "3551",
"refsource": "SREASON",
"url": "http://securityreason.com/securityalert/3551"
},
{
"name": "20080116 Cisco Unified Communications Manager CTL Provider Heap Overflow",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml"
},
{
"name": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-02",
"refsource": "MISC",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-02"
},
{
"name": "cisco-cucm-ctl-bo(39704)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39704"
},
{
"name": "1019223",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019223"
},
{
"name": "27313",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27313"
},
{
"name": "28530",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28530"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-0027",
"datePublished": "2008-01-17T02:00:00",
"dateReserved": "2007-12-17T00:00:00",
"dateUpdated": "2024-08-07T07:32:23.600Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0680
Vulnerability from cvelistv5
Published
2015-03-28 01:00
Modified
2024-08-06 04:17
Severity ?
EPSS score ?
Summary
Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439.
References
| ▼ | URL | Tags |
|---|---|---|
| http://tools.cisco.com/security/center/viewAlert.x?alertId=38079 | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id/1031991 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:17:32.634Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20150327 Cisco Unified Call Manager Arbitrary File Retrieval Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38079"
},
{
"name": "1031991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1031991"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-03-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-01T13:57:00",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20150327 Cisco Unified Call Manager Arbitrary File Retrieval Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38079"
},
{
"name": "1031991",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1031991"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2015-0680",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20150327 Cisco Unified Call Manager Arbitrary File Retrieval Vulnerability",
"refsource": "CISCO",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38079"
},
{
"name": "1031991",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1031991"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2015-0680",
"datePublished": "2015-03-28T01:00:00",
"dateReserved": "2015-01-07T00:00:00",
"dateUpdated": "2024-08-06T04:17:32.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3801
Vulnerability from cvelistv5
Published
2008-09-26 16:00
Modified
2024-08-07 09:52
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/31990 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/31367 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/32013 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2670 | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2008/2671 | vdb-entry, x_refsource_VUPEN | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047 | vdb-entry, signature, x_refsource_OVAL | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1020942 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1020939 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:52:59.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31990"
},
{
"name": "31367",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"name": "32013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32013"
},
{
"name": "ADV-2008-2670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"name": "ADV-2008-2671",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"name": "oval:org.mitre.oval:def:6047",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047"
},
{
"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"name": "1020942",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"name": "1020939",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "31990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31990"
},
{
"name": "31367",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"name": "32013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32013"
},
{
"name": "ADV-2008-2670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"name": "ADV-2008-2671",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"name": "oval:org.mitre.oval:def:6047",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047"
},
{
"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"name": "1020942",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"name": "1020939",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-3801",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31990"
},
{
"name": "31367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31367"
},
{
"name": "32013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32013"
},
{
"name": "ADV-2008-2670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"name": "ADV-2008-2671",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"name": "oval:org.mitre.oval:def:6047",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047"
},
{
"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"name": "1020942",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020942"
},
{
"name": "1020939",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020939"
},
{
"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-3801",
"datePublished": "2008-09-26T16:00:00",
"dateReserved": "2008-08-27T00:00:00",
"dateUpdated": "2024-08-07T09:52:59.636Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3593
Vulnerability from cvelistv5
Published
2006-07-14 20:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016475 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/18952 | vdb-entry, x_refsource_BID | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a00806e0b9f.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2006/2774 | vdb-entry, x_refsource_VUPEN | |
| http://www.osvdb.org/27161 | vdb-entry, x_refsource_OSVDB | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27690 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/21030 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.465Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00806e0b9f.shtml"
},
{
"name": "ADV-2006-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "27161",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27161"
},
{
"name": "cisco-callmanager-cli-redirect(27690)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27690"
},
{
"name": "21030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21030"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command\u0027s output to a file or folder, aka bug CSCse31704."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00806e0b9f.shtml"
},
{
"name": "ADV-2006-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "27161",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27161"
},
{
"name": "cisco-callmanager-cli-redirect(27690)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27690"
},
{
"name": "21030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21030"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3593",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command\u0027s output to a file or folder, aka bug CSCse31704."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016475",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00806e0b9f.shtml"
},
{
"name": "ADV-2006-2774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "27161",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27161"
},
{
"name": "cisco-callmanager-cli-redirect(27690)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27690"
},
{
"name": "21030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21030"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3593",
"datePublished": "2006-07-14T20:00:00",
"dateReserved": "2006-07-14T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3594
Vulnerability from cvelistv5
Published
2006-07-14 20:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1016475 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/18952 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/27162 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2006/2774 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27691 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/21030 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.514Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1016475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "27162",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27162"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"name": "ADV-2006-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "cisco-callmanager-sip-hostname-bo(27691)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27691"
},
{
"name": "21030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21030"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1016475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "27162",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27162"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"name": "ADV-2006-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "cisco-callmanager-sip-hostname-bo(27691)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27691"
},
{
"name": "21030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21030"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3594",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1016475",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "27162",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27162"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"name": "ADV-2006-2774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "cisco-callmanager-sip-hostname-bo(27691)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27691"
},
{
"name": "21030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21030"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3594",
"datePublished": "2006-07-14T20:00:00",
"dateReserved": "2006-07-14T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.514Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-3592
Vulnerability from cvelistv5
Published
2006-07-14 20:00
Modified
2024-08-07 18:30
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/27160 | vdb-entry, x_refsource_OSVDB | |
| http://securitytracker.com/id?1016475 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/18952 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/27689 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2006/2774 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/21030 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T18:30:34.506Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27160",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/27160"
},
{
"name": "1016475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "cisco-calllmanager-cli-command-execution(27689)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27689"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"name": "ADV-2006-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "21030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/21030"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-07-12T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving \"certain CLI commands,\" aka bug CSCse11005."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "27160",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/27160"
},
{
"name": "1016475",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "cisco-calllmanager-cli-command-execution(27689)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27689"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"name": "ADV-2006-2774",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "21030",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/21030"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-3592",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving \"certain CLI commands,\" aka bug CSCse11005."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27160",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/27160"
},
{
"name": "1016475",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1016475"
},
{
"name": "18952",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"name": "cisco-calllmanager-cli-command-execution(27689)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27689"
},
{
"name": "20060712 Multiple Cisco Unified CallManager Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"name": "ADV-2006-2774",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"name": "21030",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/21030"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-3592",
"datePublished": "2006-07-14T20:00:00",
"dateReserved": "2006-07-14T00:00:00",
"dateUpdated": "2024-08-07T18:30:34.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1833
Vulnerability from cvelistv5
Published
2007-04-03 00:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017826 | vdb-entry, x_refsource_SECTRACK | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33295 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/24665 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2007/1144 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/23181 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:40.905Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "cisco-callmanager-sccp-dos(33295)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33295"
},
{
"name": "24665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24665"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23181"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "cisco-callmanager-sccp-dos(33295)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33295"
},
{
"name": "24665",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24665"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23181"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017826",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "cisco-callmanager-sccp-dos(33295)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33295"
},
{
"name": "24665",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24665"
},
{
"name": "ADV-2007-1144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23181"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1833",
"datePublished": "2007-04-03T00:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:13:40.905Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5537
Vulnerability from cvelistv5
Published
2007-10-18 00:00
Modified
2024-08-07 15:31
Severity ?
EPSS score ?
Summary
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/26105 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37246 | vdb-entry, x_refsource_XF | |
| http://www.vupen.com/english/advisories/2007/3532 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml | vendor-advisory, x_refsource_CISCO | |
| http://osvdb.org/37941 | vdb-entry, x_refsource_OSVDB | |
| http://www.securitytracker.com/id?1018828 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/27296 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:59.077Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26105",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26105"
},
{
"name": "cucm-sip-invite-dos(37246)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246"
},
{
"name": "ADV-2007-3532",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "37941",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37941"
},
{
"name": "1018828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26105",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26105"
},
{
"name": "cucm-sip-invite-dos(37246)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246"
},
{
"name": "ADV-2007-3532",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "37941",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37941"
},
{
"name": "1018828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27296"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5537",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26105",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26105"
},
{
"name": "cucm-sip-invite-dos(37246)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246"
},
{
"name": "ADV-2007-3532",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "37941",
"refsource": "OSVDB",
"url": "http://osvdb.org/37941"
},
{
"name": "1018828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5537",
"datePublished": "2007-10-18T00:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-07T15:31:59.077Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-0026
Vulnerability from cvelistv5
Published
2008-02-14 11:00
Modified
2024-08-07 07:32
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/27775 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/28932 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/40484 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7c.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1019404 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2008/0542 | vdb-entry, x_refsource_VUPEN |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:32:24.039Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "27775",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/27775"
},
{
"name": "28932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/28932"
},
{
"name": "cucm-interface-sql-injection(40484)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40484"
},
{
"name": "20080213 SQL injection in Cisco Unified Communications Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7c.shtml"
},
{
"name": "1019404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1019404"
},
{
"name": "ADV-2008-0542",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/0542"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "27775",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/27775"
},
{
"name": "28932",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/28932"
},
{
"name": "cucm-interface-sql-injection(40484)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40484"
},
{
"name": "20080213 SQL injection in Cisco Unified Communications Manager",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7c.shtml"
},
{
"name": "1019404",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1019404"
},
{
"name": "ADV-2008-0542",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/0542"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-0026",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "27775",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/27775"
},
{
"name": "28932",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/28932"
},
{
"name": "cucm-interface-sql-injection(40484)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40484"
},
{
"name": "20080213 SQL injection in Cisco Unified Communications Manager",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7c.shtml"
},
{
"name": "1019404",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1019404"
},
{
"name": "ADV-2008-0542",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/0542"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-0026",
"datePublished": "2008-02-14T11:00:00",
"dateReserved": "2007-12-17T00:00:00",
"dateUpdated": "2024-08-07T07:32:24.039Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-1744
Vulnerability from cvelistv5
Published
2008-05-16 06:54
Modified
2024-08-07 08:32
Severity ?
EPSS score ?
Summary
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2008/1533 | vdb-entry, x_refsource_VUPEN | |
| http://www.securityfocus.com/bid/29221 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42415 | vdb-entry, x_refsource_XF | |
| http://secunia.com/advisories/30238 | third-party-advisory, x_refsource_SECUNIA | |
| http://securitytracker.com/id?1020022 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T08:32:01.350Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080514 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml"
},
{
"name": "ADV-2008-1533",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/1533"
},
{
"name": "29221",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29221"
},
{
"name": "cucm-capf-dos(42415)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42415"
},
{
"name": "30238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/30238"
},
{
"name": "1020022",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1020022"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-07T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "20080514 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml"
},
{
"name": "ADV-2008-1533",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/1533"
},
{
"name": "29221",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29221"
},
{
"name": "cucm-capf-dos(42415)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42415"
},
{
"name": "30238",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/30238"
},
{
"name": "1020022",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1020022"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-1744",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080514 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml"
},
{
"name": "ADV-2008-1533",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/1533"
},
{
"name": "29221",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29221"
},
{
"name": "cucm-capf-dos(42415)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42415"
},
{
"name": "30238",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/30238"
},
{
"name": "1020022",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1020022"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-1744",
"datePublished": "2008-05-16T06:54:00",
"dateReserved": "2008-04-11T00:00:00",
"dateUpdated": "2024-08-07T08:32:01.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1834
Vulnerability from cvelistv5
Published
2007-04-03 00:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017826 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1144 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33299 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/23181 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/24690 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:40.484Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "cisco-callmanager-presence-icmp-dos(33299)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24690"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "cisco-callmanager-presence-icmp-dos(33299)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24690"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017826",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "cisco-callmanager-presence-icmp-dos(33299)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"name": "23181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24690"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1834",
"datePublished": "2007-04-03T00:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:13:40.484Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-3800
Vulnerability from cvelistv5
Published
2008-09-26 16:00
Modified
2024-08-07 09:53
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.
References
| ▼ | URL | Tags |
|---|---|---|
| http://secunia.com/advisories/31990 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/31367 | vdb-entry, x_refsource_BID | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086 | vdb-entry, signature, x_refsource_OVAL | |
| http://secunia.com/advisories/32013 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2008/2670 | vdb-entry, x_refsource_VUPEN | |
| http://www.vupen.com/english/advisories/2008/2671 | vdb-entry, x_refsource_VUPEN | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1020942 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securitytracker.com/id?1020939 | vdb-entry, x_refsource_SECTRACK | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml | vendor-advisory, x_refsource_CISCO |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T09:53:00.234Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "31990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31990"
},
{
"name": "31367",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"name": "oval:org.mitre.oval:def:6086",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"
},
{
"name": "32013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/32013"
},
{
"name": "ADV-2008-2670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"name": "ADV-2008-2671",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"name": "1020942",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"name": "1020939",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-24T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-28T12:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "31990",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31990"
},
{
"name": "31367",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"name": "oval:org.mitre.oval:def:6086",
"tags": [
"vdb-entry",
"signature",
"x_refsource_OVAL"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"
},
{
"name": "32013",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/32013"
},
{
"name": "ADV-2008-2670",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"name": "ADV-2008-2671",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"name": "1020942",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"name": "1020939",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2008-3800",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "31990",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31990"
},
{
"name": "31367",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31367"
},
{
"name": "oval:org.mitre.oval:def:6086",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"
},
{
"name": "32013",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/32013"
},
{
"name": "ADV-2008-2670",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"name": "ADV-2008-2671",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"name": "20080924 Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"name": "1020942",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020942"
},
{
"name": "1020939",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1020939"
},
{
"name": "20080924 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2008-3800",
"datePublished": "2008-09-26T16:00:00",
"dateReserved": "2008-08-27T00:00:00",
"dateUpdated": "2024-08-07T09:53:00.234Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-5538
Vulnerability from cvelistv5
Published
2007-10-18 00:00
Modified
2024-08-07 15:31
Severity ?
EPSS score ?
Summary
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/26105 | vdb-entry, x_refsource_BID | |
| http://osvdb.org/37940 | vdb-entry, x_refsource_OSVDB | |
| http://www.vupen.com/english/advisories/2007/3532 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/37247 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1018828 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/27296 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T15:31:59.183Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "26105",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/26105"
},
{
"name": "37940",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/37940"
},
{
"name": "ADV-2007-3532",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"name": "cucm-tftp-filename-bo(37247)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37247"
},
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "1018828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/27296"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-10-17T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "26105",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/26105"
},
{
"name": "37940",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/37940"
},
{
"name": "ADV-2007-3532",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"name": "cucm-tftp-filename-bo(37247)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37247"
},
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "1018828",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/27296"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-5538",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "26105",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/26105"
},
{
"name": "37940",
"refsource": "OSVDB",
"url": "http://osvdb.org/37940"
},
{
"name": "ADV-2007-3532",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"name": "cucm-tftp-filename-bo(37247)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37247"
},
{
"name": "20071017 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"name": "1018828",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"name": "27296",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/27296"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-5538",
"datePublished": "2007-10-18T00:00:00",
"dateReserved": "2007-10-17T00:00:00",
"dateUpdated": "2024-08-07T15:31:59.183Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5553
Vulnerability from cvelistv5
Published
2006-10-26 17:00
Modified
2024-08-07 19:55
Severity ?
EPSS score ?
Summary
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017118 | vdb-entry, x_refsource_SECTRACK | |
| http://www.securityfocus.com/bid/20737 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/29829 | vdb-entry, x_refsource_XF | |
| http://www.osvdb.org/30055 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2006/4198 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/22574 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:55:53.339Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/22574"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-10-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017118",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/22574"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5553",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017118",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017118"
},
{
"name": "20737",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/20737"
},
{
"name": "csa-port-scan-dos(29829)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"name": "30055",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/30055"
},
{
"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"name": "ADV-2006-4198",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"name": "22574",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/22574"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5553",
"datePublished": "2006-10-26T17:00:00",
"dateReserved": "2006-10-26T00:00:00",
"dateUpdated": "2024-08-07T19:55:53.339Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-5277
Vulnerability from cvelistv5
Published
2007-07-15 21:00
Modified
2024-08-07 19:48
Severity ?
EPSS score ?
Summary
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/36122 | vdb-entry, x_refsource_OSVDB | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.vupen.com/english/advisories/2007/2512 | vdb-entry, x_refsource_VUPEN | |
| http://www.iss.net/threats/270.html | third-party-advisory, x_refsource_ISS | |
| http://secunia.com/advisories/26043 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/24868 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/31437 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1018369 | vdb-entry, x_refsource_SECTRACK |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T19:48:28.519Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "36122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/36122"
},
{
"name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"name": "ADV-2007-2512",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"name": "20070711 Cisco Call Manager CTLProvider.exe Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS",
"x_transferred"
],
"url": "http://www.iss.net/threats/270.html"
},
{
"name": "26043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/26043"
},
{
"name": "24868",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"name": "voip-filename-overflow(31437)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31437"
},
{
"name": "1018369",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1018369"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-07-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-19T15:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "36122",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/36122"
},
{
"name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"name": "ADV-2007-2512",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"name": "20070711 Cisco Call Manager CTLProvider.exe Remote Code Execution",
"tags": [
"third-party-advisory",
"x_refsource_ISS"
],
"url": "http://www.iss.net/threats/270.html"
},
{
"name": "26043",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/26043"
},
{
"name": "24868",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"name": "voip-filename-overflow(31437)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31437"
},
{
"name": "1018369",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1018369"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-5277",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "36122",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/36122"
},
{
"name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"name": "ADV-2007-2512",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"name": "20070711 Cisco Call Manager CTLProvider.exe Remote Code Execution",
"refsource": "ISS",
"url": "http://www.iss.net/threats/270.html"
},
{
"name": "26043",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/26043"
},
{
"name": "24868",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/24868"
},
{
"name": "voip-filename-overflow(31437)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31437"
},
{
"name": "1018369",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1018369"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-5277",
"datePublished": "2007-07-15T21:00:00",
"dateReserved": "2006-10-13T00:00:00",
"dateUpdated": "2024-08-07T19:48:28.519Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2864
Vulnerability from cvelistv5
Published
2009-09-28 18:20
Modified
2024-08-07 06:07
Severity ?
EPSS score ?
Summary
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423.
References
| ▼ | URL | Tags |
|---|---|---|
| http://osvdb.org/58344 | vdb-entry, x_refsource_OSVDB | |
| http://tools.cisco.com/security/center/viewAlert.x?alertId=18883 | x_refsource_CONFIRM | |
| http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securitytracker.com/id?1022931 | vdb-entry, x_refsource_SECTRACK | |
| http://secunia.com/advisories/36836 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.vupen.com/english/advisories/2009/2757 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/53447 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/36496 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:07:36.537Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "58344",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/58344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18883"
},
{
"name": "20090923 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml"
},
{
"name": "1022931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id?1022931"
},
{
"name": "36836",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/36836"
},
{
"name": "ADV-2009-2757",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/2757"
},
{
"name": "cisco-ucm-sip-dos(53447)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53447"
},
{
"name": "36496",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/36496"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-09-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"shortName": "cisco"
},
"references": [
{
"name": "58344",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/58344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18883"
},
{
"name": "20090923 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml"
},
{
"name": "1022931",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id?1022931"
},
{
"name": "36836",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/36836"
},
{
"name": "ADV-2009-2757",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/2757"
},
{
"name": "cisco-ucm-sip-dos(53447)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53447"
},
{
"name": "36496",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/36496"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "psirt@cisco.com",
"ID": "CVE-2009-2864",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "58344",
"refsource": "OSVDB",
"url": "http://osvdb.org/58344"
},
{
"name": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18883",
"refsource": "CONFIRM",
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18883"
},
{
"name": "20090923 Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability",
"refsource": "CISCO",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml"
},
{
"name": "1022931",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id?1022931"
},
{
"name": "36836",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/36836"
},
{
"name": "ADV-2009-2757",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/2757"
},
{
"name": "cisco-ucm-sip-dos(53447)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53447"
},
{
"name": "36496",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/36496"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
"assignerShortName": "cisco",
"cveId": "CVE-2009-2864",
"datePublished": "2009-09-28T18:20:00",
"dateReserved": "2009-08-19T00:00:00",
"dateUpdated": "2024-08-07T06:07:36.537Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2007-1826
Vulnerability from cvelistv5
Published
2007-04-02 23:00
Modified
2024-08-07 13:13
Severity ?
EPSS score ?
Summary
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.
References
| ▼ | URL | Tags |
|---|---|---|
| http://securitytracker.com/id?1017826 | vdb-entry, x_refsource_SECTRACK | |
| http://www.vupen.com/english/advisories/2007/1144 | vdb-entry, x_refsource_VUPEN | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/33302 | vdb-entry, x_refsource_XF | |
| http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml | vendor-advisory, x_refsource_CISCO | |
| http://www.securityfocus.com/bid/23181 | vdb-entry, x_refsource_BID | |
| http://secunia.com/advisories/24690 | third-party-advisory, x_refsource_SECUNIA | |
| http://osvdb.org/34919 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T13:13:40.589Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "cisco-callmanager-presence-ipsec-dos(33302)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO",
"x_transferred"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/24690"
},
{
"name": "34919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/34919"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2007-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a \"specific UDP packet\" to UDP port 8500, aka bug ID CSCsg60949."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "1017826",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "cisco-callmanager-presence-ipsec-dos(33302)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"tags": [
"vendor-advisory",
"x_refsource_CISCO"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/24690"
},
{
"name": "34919",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/34919"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2007-1826",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a \"specific UDP packet\" to UDP port 8500, aka bug ID CSCsg60949."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1017826",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1017826"
},
{
"name": "ADV-2007-1144",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"name": "cisco-callmanager-presence-ipsec-dos(33302)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"name": "20070328 Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities",
"refsource": "CISCO",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"name": "23181",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"name": "24690",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/24690"
},
{
"name": "34919",
"refsource": "OSVDB",
"url": "http://osvdb.org/34919"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2007-1826",
"datePublished": "2007-04-02T23:00:00",
"dateReserved": "2007-04-02T00:00:00",
"dateUpdated": "2024-08-07T13:13:40.589Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Vulnerability from fkie_nvd
Published
2007-04-02 23:19
Modified
2024-11-21 00:29
Severity ?
Summary
Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a \"specific UDP packet\" to UDP port 8500, aka bug ID CSCsg60949."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en en el servicio IPSec Manager para Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de servicios de cl\u00faster) mediante un \"paquete UDP espec\u00edfico\" al puerto UDP 8500, tambi\u00e9n conocido como bug ID CSCSG60949."
}
],
"id": "CVE-2007-1826",
"lastModified": "2024-11-21T00:29:14.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-02T23:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/34919"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/34919"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33302"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-18 00:17
Modified
2024-11-21 00:38
Severity ?
Summary
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_communications_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C144784A-941D-4919-9E21-1E2AD2738A08",
"versionEndIncluding": "5.1\\(2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Centralized TFTP File Locator Service de Cisco Unified Communications Manager (CUCM, antes conocido como CallManager) 5.1 anterior a 5.1(3), y Unified CallManager 5.0, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n o provocar una denegaci\u00f3n de servicio mediante vectores no especificados que implican el procesamiento de nombres de fichero, tambi\u00e9n conocido como CSCsh47712."
}
],
"id": "CVE-2007-5538",
"lastModified": "2024-11-21T00:38:08.203",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-18T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37940"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27296"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26105"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37247"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37940"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37247"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-10-18 00:17
Modified
2024-11-21 00:38
Severity ?
Summary
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_communications_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "C144784A-941D-4919-9E21-1E2AD2738A08",
"versionEndIncluding": "5.1\\(2\\)",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822."
},
{
"lang": "es",
"value": "Cisco Unified communications Manager (CUCM, anteriormente CallManager) 5.1 anterior a 5.1(2), y Unified CallManager 5.0, permiten a atacantes remotos provocar una denegaci\u00f3n de servicio (kernel panic) mediante una inundaci\u00f3n de mensajes SIP INVITE al puerto UDP 5060, lo cual dispara un agotamiento de recursos, tambi\u00e9n conocida como, CSCsi75822."
}
],
"id": "CVE-2007-5537",
"lastModified": "2024-11-21T00:38:08.053",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-10-18T00:17:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/37941"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/27296"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/26105"
},
{
"source": "cve@mitre.org",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/37941"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/27296"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/26105"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1018828"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/3532"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37246"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-399"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-26 16:21
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 4.1 | |
| cisco | unified_callmanager | 4.2 | |
| cisco | unified_callmanager | 4.3 | |
| cisco | unified_communications_manager | 4.1 | |
| cisco | unified_communications_manager | 5.0 | |
| cisco | unified_communications_manager | 5.1 | |
| cisco | unified_communications_manager | 6.1 | |
| cisco | ios | 12.2 | |
| cisco | ios | 12.3 | |
| cisco | ios | 12.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC772518-51CC-4692-BEB2-2C9C2A215F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5E0999-9FB7-4255-A8CF-5D74E70FD56A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50BA656D-4103-4BE7-9C8A-BDC9580B7E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E29A61E-334B-4F95-9B47-8F53A4DB3EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4 y Unified Communications Manager v4.1 a la v6.1, cuando VoIP est\u00e1 configurada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de proceso o de dispositivo) a trav\u00e9s de mensajes SIP v\u00e1lidos no especificados, tambi\u00e9n conocidos como \"Cisco Bug ID CSCsu38644\". Vulnerabilidad distinta de CVE-2008-3800 y CVE-2008-3802."
}
],
"id": "CVE-2008-3800",
"lastModified": "2024-11-21T00:50:09.610",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-26T16:21:44.067",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31990"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32013"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6086"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-09-26 16:21
Modified
2024-11-21 00:50
Severity ?
Summary
Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 4.1 | |
| cisco | unified_callmanager | 4.2 | |
| cisco | unified_callmanager | 4.3 | |
| cisco | unified_communications_manager | 4.1 | |
| cisco | unified_communications_manager | 5.0 | |
| cisco | unified_communications_manager | 5.1 | |
| cisco | unified_communications_manager | 6.1 | |
| cisco | ios | 12.2 | |
| cisco | ios | 12.3 | |
| cisco | ios | 12.4 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC772518-51CC-4692-BEB2-2C9C2A215F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5E0999-9FB7-4255-A8CF-5D74E70FD56A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "50BA656D-4103-4BE7-9C8A-BDC9580B7E4C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "1E29A61E-334B-4F95-9B47-8F53A4DB3EB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E4BC49F2-3DCB-45F0-9030-13F6415EE178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*",
"matchCriteriaId": "0668C45B-9D25-424B-B876-C1721BFFE5DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:cisco:ios:12.4:*:*:*:*:*:*:*",
"matchCriteriaId": "9D4D8C72-E7BB-40BF-9AE5-622794D63E09",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la implementaci\u00f3n de la Session Initiation Protocol en Cisco IOS v12.2 a la v12.4 y Unified Communications Manager v4.1 a la v6.1, cuando VoIP est\u00e1 configurada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de proceso o de dispositivo) a trav\u00e9s de mensajes SIP v\u00e1lidos no especificados. Vulnerabilidad distinta de CVE-2008-3800 y CVE-2008-3802."
}
],
"id": "CVE-2008-3801",
"lastModified": "2024-11-21T00:50:09.747",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.1,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-09-26T16:21:44.080",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31990"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32013"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/31990"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/32013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a01562.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0156a.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/31367"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020939"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id?1020942"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2670"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required"
],
"url": "http://www.vupen.com/english/advisories/2008/2671"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6047"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-05-16 12:54
Modified
2024-11-21 00:45
Severity ?
Summary
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 4.1 | |
| cisco | unified_callmanager | 4.1_3_sr4 | |
| cisco | unified_callmanager | 4.1_3_sr5 | |
| cisco | unified_callmanager | 4.1_3_sr5b | |
| cisco | unified_callmanager | 4.1_3_sr5c | |
| cisco | unified_communications_manager | 4.2_3_sr2 | |
| cisco | unified_communications_manager | 4.2_3_sr2b | |
| cisco | unified_communications_manager | 4.2_3_sr3 | |
| cisco | unified_communications_manager | 4.3 | |
| cisco | unified_communications_manager | 4.3_1_sr1 | |
| cisco | unified_communications_manager | 5.1_1 | |
| cisco | unified_communications_manager | 5.1_2 | |
| cisco | unified_communications_manager | 5.1_2a | |
| cisco | unified_communications_manager | 5.1_2b | |
| cisco | unified_communications_manager | 5.1_3a | |
| cisco | unified_communications_manager | 6.0 | |
| cisco | unified_communications_manager | 6.0_1 | |
| cisco | unified_communications_manager | 6.0_1a | |
| cisco | unified_communications_manager | 6.1 | |
| cisco | unified_communications_manager | 6.1_1a |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC772518-51CC-4692-BEB2-2C9C2A215F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1_3_sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "5669BB8E-3799-46AD-9E31-96BF3F60B20D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1_3_sr5:*:*:*:*:*:*:*",
"matchCriteriaId": "236C3A89-D732-423F-9885-5B429DBDF257",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1_3_sr5b:*:*:*:*:*:*:*",
"matchCriteriaId": "88DC4709-EE11-45CF-B929-A0623F254341",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1_3_sr5c:*:*:*:*:*:*:*",
"matchCriteriaId": "10A04B5A-D912-43F5-8143-21C23207F6B9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2_3_sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "5ED2283C-822A-45B1-B82B-90EEB78CD372",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2_3_sr2b:*:*:*:*:*:*:*",
"matchCriteriaId": "A6A6AC6B-D3CD-4F05-A73F-61041C6DB514",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2_3_sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "939CD685-4539-421F-BC12-36E641301E8D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "577571D6-AC59-4A43-B9A5-7B6FC6D2046C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3_1_sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "97DC0190-A028-489D-BF61-8A49A91C15B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_1:*:*:*:*:*:*:*",
"matchCriteriaId": "2740B5E5-E8D2-491E-B174-A1A9DF812418",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_2:*:*:*:*:*:*:*",
"matchCriteriaId": "60D93DAA-0ED6-4DA5-B7A5-50D5567A6178",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_2a:*:*:*:*:*:*:*",
"matchCriteriaId": "DEA1ABD3-D076-4CA6-A12D-3C3BB5080B1D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_2b:*:*:*:*:*:*:*",
"matchCriteriaId": "54B14EC5-4391-4698-BF6F-2726FD28D318",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_3a:*:*:*:*:*:*:*",
"matchCriteriaId": "B5F1270F-DBF6-4938-A1A0-732EE52C83E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "05F443F9-B454-42B3-8464-ACEA40066DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0_1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1FBF1FDC-7096-4EE6-B9A2-0C9971F407D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1_1a:*:*:*:*:*:*:*",
"matchCriteriaId": "047E45A0-C0F0-4900-B5FB-8F0A5852732D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770."
},
{
"lang": "es",
"value": "El servicio Certificate Authority Proxy Function (CAPF) service de Cisco Unified Communications Manager (CUCM) 4.1 versiones anteriores a 4.1(3)SR7, 4.2 versiones anteriores a 4.2(3)SR4, y 4.3 versiones anteriores a 4.3(2) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (ca\u00edda del servicio) a trav\u00e9s de tr\u00e1fico de red malformado, tambi\u00e9n conocido como Bug ID CSCsk46770."
}
],
"id": "CVE-2008-1744",
"lastModified": "2024-11-21T00:45:13.810",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-05-16T12:54:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/30238"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securitytracker.com/id?1020022"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/29221"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/1533"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42415"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/30238"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1020022"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/29221"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/1533"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42415"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-10-26 17:07
Modified
2024-11-21 00:19
Severity ?
Summary
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | security_agent | 4.5 | |
| cisco | security_agent | 4.5.1 | |
| cisco | security_agent | 4.5.1.639 | |
| cisco | security_agent | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*",
"matchCriteriaId": "5562E755-E4A3-4656-859A-40757012BE89",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "84A1657D-BBC9-4CF5-8F5A-486FAC8B9489",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*",
"matchCriteriaId": "14F08C40-7A58-4B0B-A3A1-6F23DB113F22",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "E171031D-51C1-41BB-96E4-DFFF0C36B74B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."
},
{
"lang": "es",
"value": "Cisco Security Agent (CSA) para Linux 4.5 anteriores a 4.5.1.657 y 5.0 anteriores a 5.0.0.193, tal y como se usan en Unified CallManager (CUCM) y Unified Presence Server (CUPS), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (resource consumption) mediante una exploraci\u00f3n de puertos con opciones concretas."
}
],
"evaluatorSolution": "This vulnerability is addressed in the following product updates:\r\nCisco, Unified CallManager, 5.0(4)\r\nCisco, Unified CallManager, 5.0(4a) with CSA COP upgrade\r\nCisco, Unified Presence Server, 1.0(2) with CSA COP upgrade\r\nCisco, Security Agent, 5.0.193\r\nCisco, Security Agent, 4.5.1.657\r\nCisco, Security Agent, 5.1",
"id": "CVE-2006-5553",
"lastModified": "2024-11-21T00:19:42.277",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-10-26T17:07:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/22574"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1017118"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/30055"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/22574"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1017118"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/30055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/20737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/4198"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-01-17 03:00
Modified
2024-11-21 00:40
Severity ?
Summary
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 4.0 | |
| cisco | unified_callmanager | 4.1 | |
| cisco | unified_callmanager | 4.1\(3\)sr4 | |
| cisco | unified_callmanager | 4.1\(3\)sr5 | |
| cisco | unified_callmanager | 4.1\(3\)sr5b | |
| cisco | unified_communications_manager | 4.2 | |
| cisco | unified_communications_manager | 4.2.3sr2 | |
| cisco | unified_communications_manager | 4.2.3sr2b | |
| cisco | unified_communications_manager | 4.3 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.0:*:*:*:*:*:*:*",
"matchCriteriaId": "FF04567B-73C5-4ACC-9B31-5C3BAAB6E641",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC772518-51CC-4692-BEB2-2C9C2A215F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "20A8643E-304C-4879-8CD5-209C1016DF31",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr5:*:*:*:*:*:*:*",
"matchCriteriaId": "FA1FF9B0-3BEB-4256-8D50-11CD6EEF04BD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr5b:*:*:*:*:*:*:*",
"matchCriteriaId": "D909C0AF-F213-4371-8A35-C5720B43ED90",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "E6C20851-DC17-4E89-A6C1-D1B52D47608F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "19432E5E-EA68-4B7A-8B99-DEBACBC3F160",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2.3sr2b:*:*:*:*:*:*:*",
"matchCriteriaId": "ABE4CD8E-F27C-4F96-B955-FC1E71B5D55B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*",
"matchCriteriaId": "577571D6-AC59-4A43-B9A5-7B6FC6D2046C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer basado en pila en el servicio proveedor de Listas de Certificados Confiables (CTL, Certificate Trust List) (CTLProvider.exe) en Cisco Unified Communications Manager (CUCM) 4.2 anterior a 4.2(3)SR3 y 4.3 anterior a 4.3(1)SR1, y CallManager 4.0 y 4.1 anterior a 4.1(3)SR5c, permite a atacantes remotos provocar una denegaci\u00f3n de servicio o ejecutar c\u00f3digo de su elecci\u00f3n mediante una petici\u00f3n larga."
}
],
"id": "CVE-2008-0027",
"lastModified": "2024-11-21T00:40:59.670",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-01-17T03:00:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-02"
},
{
"source": "ykramarz@cisco.com",
"url": "http://secunia.com/advisories/28530"
},
{
"source": "ykramarz@cisco.com",
"url": "http://securityreason.com/securityalert/3551"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/archive/1/486432/100/0/threaded"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/27313"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1019223"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.vupen.com/english/advisories/2008/0171"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39704"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://dvlabs.tippingpoint.com/advisory/TPTI-08-02"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/28530"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securityreason.com/securityalert/3551"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/486432/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27313"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019223"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2008/0171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39704"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-18 15:37
Modified
2024-11-21 00:13
Severity ?
Summary
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving \"certain CLI commands,\" aka bug CSCse11005."
},
{
"lang": "es",
"value": "Vulnerabilidad no especificada en la interfaz de l\u00ednea de comando (CLI) en Cisco Unified CallManager (CUCM) 5.0(1) hasta la 5.0(3a) permite a usuarios locales ejecutar comandos de su elecci\u00f3n con privilegios elevados a trav\u00e9s de vectores no especificados, afectando a \"ciertos comandos CLI\", tambi\u00e9n conocido como fallo CSCse11005."
}
],
"evaluatorSolution": "Upgrade to Cisco Unified CallManager version 5.0(4) :\r\nhttp://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-50",
"id": "CVE-2006-3592",
"lastModified": "2024-11-21T00:13:58.270",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.6,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-18T15:37:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21030"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016475"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27160"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27689"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27160"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27689"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-03-28 01:59
Modified
2024-11-21 02:23
Severity ?
Summary
Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 9.1\(2.1000.28\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:9.1\\(2.1000.28\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5C1B4A43-3C83-4EF9-96C7-15FE1461D34A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Call Manager (CM) 9.1(2.1000.28) does not properly restrict resource requests, which allows remote authenticated users to read arbitrary files via unspecified vectors, aka Bug ID CSCuq44439."
},
{
"lang": "es",
"value": "Cisco Unified Call Manager (CM) 9.1(2.1000.28) no restringe correctamente las solicitudes de recursos, lo que permite a usuarios remotos autenticados leer ficheros arbitrarios a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como Bug ID CSCuq44439."
}
],
"id": "CVE-2015-0680",
"lastModified": "2024-11-21T02:23:31.583",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2015-03-28T01:59:53.833",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38079"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id/1031991"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38079"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id/1031991"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-03 00:19
Modified
2024-11-21 00:29
Severity ?
Summary
The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 3.3 | |
| cisco | unified_callmanager | 3.3\(2\) | |
| cisco | unified_callmanager | 3.3\(2\)spb | |
| cisco | unified_callmanager | 3.3\(2\)spc | |
| cisco | unified_callmanager | 3.3\(3\) | |
| cisco | unified_callmanager | 3.3\(3\)sr1 | |
| cisco | unified_callmanager | 3.3\(3\)sr4 | |
| cisco | unified_callmanager | 3.3\(4\) | |
| cisco | unified_callmanager | 3.3\(4\)sr1a | |
| cisco | unified_callmanager | 3.3\(5\) | |
| cisco | unified_callmanager | 3.3\(5\)sr1 | |
| cisco | unified_callmanager | 3.3\(5\)sr1a | |
| cisco | unified_callmanager | 4.1 | |
| cisco | unified_callmanager | 4.1\(2\) | |
| cisco | unified_callmanager | 4.1\(3\) | |
| cisco | unified_callmanager | 4.1\(3\)sr1 | |
| cisco | unified_callmanager | 4.1\(3\)sr2 | |
| cisco | unified_callmanager | 4.1\(3\)sr3 | |
| cisco | unified_callmanager | 4.2 | |
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3:*:*:*:*:*:*:*",
"matchCriteriaId": "490CBADD-C3A0-4274-B44A-B260944DF4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E31A571C-9F1F-409E-A80B-BAC0B4D6D156",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(2\\)spb:*:*:*:*:*:*:*",
"matchCriteriaId": "F45C710A-9FC4-41BD-A687-7BCC8BF6C188",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(2\\)spc:*:*:*:*:*:*:*",
"matchCriteriaId": "9D219B98-0862-4A73-9BF4-3EB5312F8311",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "52F78BD0-89CD-423E-992D-BA4571E4B2B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(3\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "935E2870-47B2-4060-B210-DB4D592184B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(3\\)sr4:*:*:*:*:*:*:*",
"matchCriteriaId": "CDDA2970-A899-44D2-9D79-3AB8076DD64E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8734CCC0-480A-4BB6-9229-E9330E804F49",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(4\\)sr1a:*:*:*:*:*:*:*",
"matchCriteriaId": "1E10555C-5867-47D2-B28D-37059D21666D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(5\\):*:*:*:*:*:*:*",
"matchCriteriaId": "89C97505-B950-4504-A39E-84650FD11DA7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(5\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "D826CEFC-07D9-42AB-A3B7-3D413FF33278",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:3.3\\(5\\)sr1a:*:*:*:*:*:*:*",
"matchCriteriaId": "007F68B2-4B93-49EF-BE24-4B02F8FE20BF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "AC772518-51CC-4692-BEB2-2C9C2A215F44",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9FA7E8CF-B373-439C-A2F8-5792C88849D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8E90C926-6741-4E17-A25A-182BEFF7D304",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
"matchCriteriaId": "78B94D63-A505-491B-8882-3CFEFA8031B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr2:*:*:*:*:*:*:*",
"matchCriteriaId": "E17255F3-9E15-482F-BD77-22B5B0F900B2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.1\\(3\\)sr3:*:*:*:*:*:*:*",
"matchCriteriaId": "0D020BDD-3DA2-424B-9EA2-2ED7DA79AD25",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:4.2:*:*:*:*:*:*:*",
"matchCriteriaId": "9A5E0999-9FB7-4255-A8CF-5D74E70FD56A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port."
},
{
"lang": "es",
"value": "La implementaci\u00f3n del protocolo Skinny Call Control (SCCP) para el Cisco Unified CallManager (CUCM) 3.3 anterior al 3.3(5)SR2a, 4.1 anterior al 4.1(3)SR4, 4.2 anterior al 4.2(3)SR1 y 5.0 anterior al 5.0(4a)SU1 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida del servicio de voz) mediante el env\u00edo de paquetes modificados al puerto (1) SCCP (2000/tcp) o (2) SCCPS (2443/tcp)."
}
],
"id": "CVE-2007-1833",
"lastModified": "2024-11-21T00:29:15.967",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-03T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24665"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33295"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24665"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33295"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-15 21:30
Modified
2024-11-21 00:18
Severity ?
Summary
Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_communications_manager | * | |
| cisco | unified_communications_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7454C447-FE60-4DAE-8241-A9416A7206A6",
"versionEndIncluding": "3.3\\(5\\)sr2",
"versionStartIncluding": "3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C88AFF-AC92-4CCF-869F-14E7DB9CF1C3",
"versionEndIncluding": "4.1\\(3\\)sr4",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB2FA97-9DDA-49D9-A931-D3AD130018E4",
"versionEndIncluding": "4.2\\(3\\)sr1",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC80E93-195E-47EB-9D96-7CA5BCF1F73B",
"versionEndIncluding": "4.3\\(1\\)",
"versionStartIncluding": "4.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F5EC537A-4E55-4779-B847-A156FCE98F51",
"versionEndIncluding": "5.1\\(1\\)",
"versionStartIncluding": "5.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Error de superaci\u00f3n de l\u00edmite (off-by-one) en el servicio Certificate Trust List (CTL) Provider (CTLProvider.exe) de Cisco Unified Communications Manager (CUCM, anteriormente CallManager) anterior al 11/07/2007 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante un paquete manipulado que dispara un desbordamiento de b\u00fafer basado en mont\u00edculo."
}
],
"id": "CVE-2006-5277",
"lastModified": "2024-11-21T00:18:34.923",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.3,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-15T21:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26043"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1018369"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/threats/270.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/36122"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31437"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1018369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/threats/270.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/36122"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/31437"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-18 15:37
Modified
2024-11-21 00:13
Severity ?
Summary
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command\u0027s output to a file or folder, aka bug CSCse31704."
},
{
"lang": "es",
"value": "La interfaz de linea de comando (CLI) en Cisco Unified CallManager (CUCM) 5.0(1) hasta la 5.0(3a) permite a usuarios locales sobrescribir archivos de su elecci\u00f3n a trav\u00e9s de la redirecci\u00f3n de comandos de salida a un archivo o carpeta, tambi\u00e9n conocida como fallo CSCse31704."
}
],
"evaluatorSolution": "Update to version 5.0(4) or later.\r\n",
"id": "CVE-2006-3593",
"lastModified": "2024-11-21T00:13:59.057",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-18T15:37:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21030"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016475"
},
{
"source": "cve@mitre.org",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00806e0b9f.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27161"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00806e0b9f.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27690"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-07-15 22:30
Modified
2024-11-21 00:18
Severity ?
Summary
Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | * | |
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_communications_manager | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7454C447-FE60-4DAE-8241-A9416A7206A6",
"versionEndIncluding": "3.3\\(5\\)sr2",
"versionStartIncluding": "3.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F2C88AFF-AC92-4CCF-869F-14E7DB9CF1C3",
"versionEndIncluding": "4.1\\(3\\)sr4",
"versionStartIncluding": "4.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0FB2FA97-9DDA-49D9-A931-D3AD130018E4",
"versionEndIncluding": "4.2\\(3\\)sr1",
"versionStartIncluding": "4.2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "487FC0BB-ACBE-479B-B7A7-33059EF3D59B",
"versionEndIncluding": "5.1\\(2\\)",
"versionStartIncluding": "5.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5FC80E93-195E-47EB-9D96-7CA5BCF1F73B",
"versionEndIncluding": "4.3\\(1\\)",
"versionStartIncluding": "4.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
},
{
"lang": "es",
"value": "Desbordamiento de entero en Real-Time Information Server (RIS) Data Collector service (RisDC.exe) de Cisco Unified Communications Manager (CUCM, anteriormente denominado CallManager) versiones anteriores a 20070711 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes manipulados, resultando en un desbordamiento de b\u00fafer basado en mont\u00edculo."
}
],
"id": "CVE-2006-5278",
"lastModified": "2024-11-21T00:18:35.180",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": true,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-07-15T22:30:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26043"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1018369"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/threats/271.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/36121"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"source": "cve@mitre.org",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "http://secunia.com/advisories/26043"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://securitytracker.com/id?1018369"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.iss.net/threats/271.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Broken Link"
],
"url": "http://www.osvdb.org/36121"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/24868"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Permissions Required",
"Third Party Advisory"
],
"url": "http://www.vupen.com/english/advisories/2007/2512"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-07-18 15:37
Modified
2024-11-21 00:13
Severity ?
Summary
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542."
},
{
"lang": "es",
"value": "Desbordamiento de b\u00fafer en Cisco Unified CallManager (CUCM) 5.0(1) hasta la 5.0(3a) permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un nombre de host en una respuesta SIP, tambi\u00e9n conocida como bug CSCsd96542."
}
],
"id": "CVE-2006-3594",
"lastModified": "2024-11-21T00:13:59.187",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": true,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-07-18T15:37:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21030"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1016475"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/27162"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/21030"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1016475"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20060712-cucm.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/27162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/18952"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/2774"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/27691"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-09-28 19:30
Modified
2024-11-21 01:05
Severity ?
Summary
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "163B798C-B207-4CA6-AF8A-5955F5B89A56",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "3841B111-FEFE-4367-AFF0-B7F17D468E87",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "5DE9B3F9-6650-4568-B5FB-C228BD367002",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC17139-DB98-4C59-B29B-1B792C67EB97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "949045EF-8CB3-453A-8C4C-9B0B12775396",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "569E4CE4-119A-432D-9EE0-01E19DC9E918",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "99495B1F-90E6-4405-AA08-2764D6EB34DB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E3E60E9F-A0F8-4B3C-9DB3-8D5BE3D5EC6D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "93A8CC01-1C2B-44A1-9CD6-4BD375FA8DC3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(2b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "01AA0941-6BDA-4B7E-81C5-D48ADAA3B5E0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1D9BA114-1C07-44BF-9645-DACE14CB9A63",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "439FC49D-8860-4D74-B82B-A91F6B6C8DB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(3b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BFE8E328-D5DD-4E6B-A21C-B6CE6A1784CD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D47BCC3A-8D11-4BF1-BB22-98EB7A1324DF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "F39D409C-BC11-49BB-96D7-15954A524A7E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.0\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "60068FC9-8A85-42E7-A0F8-AAE190E1DD2F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.0\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "8AD79B32-0F2C-4691-8458-702E68089594",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "D3F383F7-DE21-425D-98BC-2CCB99012659",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E20E884C-8F7C-4E29-8701-1CD1F63745D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9E102AF-0603-4B4B-978C-FE76C66E9EA9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6C38632E-4519-4A69-ABB8-BD5991F8081D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "72BCC243-D4B8-477D-9B68-C90571F57472",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "1022C151-6EC8-4E8D-85ED-59D51551BDAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "060593BD-ADC1-4282-BC6D-E0D6A2B7C8D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "26277C4A-4E27-492C-B18C-AC68D86ADF55",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "0318CF61-B892-4D44-B41A-D630B4AB808C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "9CDA8A78-BA6C-4451-8EAA-B83C3A6C6BA2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3c\\):*:*:*:*:*:*:*",
"matchCriteriaId": "84A49932-1E22-4BE0-8195-926D44F65AAA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3d\\):*:*:*:*:*:*:*",
"matchCriteriaId": "4DE1B0DD-EA64-493B-86B7-9057EE5033C8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3e\\):*:*:*:*:*:*:*",
"matchCriteriaId": "00ECD7C0-7F3C-4021-B949-32141E58687C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "6CC94003-72B6-45C3-A07E-0A08F1562B6A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "958A2707-0F1A-4719-BB9F-DC9ED129105A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(1b\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48A8EE9A-458D-4619-B04D-F01A9934DC11",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "597D9674-F44D-4A31-A2F2-2790ED698A91",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1:*:*:*:*:*:*:*",
"matchCriteriaId": "3C2B7439-8547-41A6-AE6C-6ABCD167890E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\)su1a:*:*:*:*:*:*:*",
"matchCriteriaId": "FF3EB2A0-6907-4260-BBF1-D8E6E40827FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BE122F76-ECDB-4446-825C-EF02257D8C08",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D0907FAF-8334-42C1-B35A-EC6ED89AC110",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "FCB47159-FA07-4317-B562-D7AB7C49E8F6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:7.1:*:*:*:*:*:*:*",
"matchCriteriaId": "77979322-F060-4DD4-A6F2-B1157664C0FA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423."
},
{
"lang": "es",
"value": "Cisco Unified Communications Manager (tambi\u00e9n conocido como CUCM, antiguamente como CallManager) v5.x anterior a v5.1(3g), v6.x anterior a v6.1(4), v7.0.x anterior a v7.0(2a)su1 y v7.1.x anterior a v7.1(2) permite a usuarios remotos provocar una denegaci\u00f3n del servicio (reinicio del servicio) a trav\u00e9s de mensajes SIP malformados. Tambi\u00e9n conocido como Bug ID CSCsz95423."
}
],
"evaluatorComment": "An unauthenticated, remote attacker could exploit this vulnerability to cause the affected application to fail, resulting in a DoS condition.\r\n",
"id": "CVE-2009-2864",
"lastModified": "2024-11-21T01:05:55.973",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-09-28T19:30:01.360",
"references": [
{
"source": "ykramarz@cisco.com",
"url": "http://osvdb.org/58344"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36836"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18883"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/36496"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1022931"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2757"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53447"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/58344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/36836"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=18883"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/36496"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1022931"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/2757"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/53447"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2008-02-14 12:00
Modified
2024-11-21 00:40
Severity ?
Summary
SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_callmanager | 5.0_4a | |
| cisco | unified_callmanager | 5.1 | |
| cisco | unified_callmanager | 6.0 | |
| cisco | unified_communications_manager | 5.0 | |
| cisco | unified_communications_manager | 5.0_1 | |
| cisco | unified_communications_manager | 5.0_2 | |
| cisco | unified_communications_manager | 5.0_3 | |
| cisco | unified_communications_manager | 5.0_3a | |
| cisco | unified_communications_manager | 5.0_4 | |
| cisco | unified_communications_manager | 5.0_4a | |
| cisco | unified_communications_manager | 5.0_4a_su1 | |
| cisco | unified_communications_manager | 6.0 | |
| cisco | unified_communications_manager | 6.0_1 | |
| cisco | unified_communications_manager | 6.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0_4a:*:*:*:*:*:*:*",
"matchCriteriaId": "97694D13-B0A4-4AE4-9142-76F6B7C446C4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.1:*:*:*:*:*:*:*",
"matchCriteriaId": "8DC17139-DB98-4C59-B29B-1B792C67EB97",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "3D748F22-A917-4EE3-B523-13419D826EF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE62DB5-943D-43B5-BD13-D74DAA122578",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_2:*:*:*:*:*:*:*",
"matchCriteriaId": "D2D76BC6-1A59-4D74-A7C9-8C05D96E01F8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_3:*:*:*:*:*:*:*",
"matchCriteriaId": "788BDB54-0970-468F-9713-14B097E1A863",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_3a:*:*:*:*:*:*:*",
"matchCriteriaId": "3CAE1371-F46C-4DFD-A4A4-D609E93C4740",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_4:*:*:*:*:*:*:*",
"matchCriteriaId": "E7AC2F39-C029-4FAB-A963-0C7F1D5A8067",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_4a:*:*:*:*:*:*:*",
"matchCriteriaId": "62781360-15FC-4E40-AEF8-BF01606A671B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_4a_su1:*:*:*:*:*:*:*",
"matchCriteriaId": "08E03DCC-4DCB-4830-943F-05F7E3BB49EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0_1:*:*:*:*:*:*:*",
"matchCriteriaId": "05F443F9-B454-42B3-8464-ACEA40066DF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
"matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages."
},
{
"lang": "es",
"value": "Una vulnerabilidad de la inyecci\u00f3n SQL en Cisco Unified CallManager/Communications Manager (CUCM) versiones 5.0/5.1 anteriores a 5.1(3a) y versiones 6.0/6.1 anteriores a 6.1(1a), permite a los usuarios autenticados remotos ejecutar comandos SQL arbitrarios por medio del par\u00e1metro key en las p\u00e1ginas de interfaz de (1) administrador y (2) usuario."
}
],
"id": "CVE-2008-0026",
"lastModified": "2024-11-21T00:40:59.550",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2008-02-14T12:00:00.000",
"references": [
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28932"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7c.shtml"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securityfocus.com/bid/27775"
},
{
"source": "ykramarz@cisco.com",
"url": "http://www.securitytracker.com/id?1019404"
},
{
"source": "ykramarz@cisco.com",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0542"
},
{
"source": "ykramarz@cisco.com",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40484"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/28932"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080949c7c.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/27775"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securitytracker.com/id?1019404"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2008/0542"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/40484"
}
],
"sourceIdentifier": "ykramarz@cisco.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2007-04-03 00:19
Modified
2024-11-21 00:29
Severity ?
Summary
Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| cisco | unified_callmanager | 5.0 | |
| cisco | unified_callmanager | 5.0\(1\) | |
| cisco | unified_callmanager | 5.0\(2\) | |
| cisco | unified_callmanager | 5.0\(3\) | |
| cisco | unified_callmanager | 5.0\(3a\) | |
| cisco | unified_callmanager | 5.0\(4\) | |
| cisco | unified_presence_server | 1.0 | |
| cisco | unified_presence_server | 1.0\(1\) | |
| cisco | unified_presence_server | 1.0\(2\) |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
"matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*",
"matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*",
"matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*",
"matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(1\\):*:*:*:*:*:*:*",
"matchCriteriaId": "22B299D9-A18B-41D9-B976-57AFDAA751DD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*",
"matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698."
},
{
"lang": "es",
"value": "Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (p\u00e9rdida de servicios de voz) mediante una inundaci\u00f3n de peticiones de eco ICMP, tambi\u00e9n conocido como bug ID CSCsf12698."
}
],
"id": "CVE-2007-1834",
"lastModified": "2024-11-21T00:29:16.110",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.8,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2007-04-03T00:19:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/24690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://securitytracker.com/id?1017826"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/23181"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2007/1144"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/33299"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}