cvelistv5 - cve-2006-0368

cve-2006-0368

Vulnerability from cvelistv5

Published

2006-01-22 20:00

Modified

2024-08-07 16:34

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18494	Patch, Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/359
cve@mitre.org	http://securitytracker.com/id?1015503
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
cve@mitre.org	http://www.osvdb.org/22622
cve@mitre.org	http://www.osvdb.org/22623
cve@mitre.org	http://www.securityfocus.com/bid/16295
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0249
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24180
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18494	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/359
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015503
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22622
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22623
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16295
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0249
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24180

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T16:34:14.807Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015503",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015503"
          },
          {
            "name": "ADV-2006-0249",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/0249"
          },
          {
            "name": "20060118 Cisco Call Manager Denial of Service",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
          },
          {
            "name": "cisco-callmanager-port-connection-dos(24180)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
          },
          {
            "name": "16295",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/16295"
          },
          {
            "name": "22623",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22623"
          },
          {
            "name": "22622",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/22622"
          },
          {
            "name": "359",
            "tags": [
              "third-party-advisory",
              "x_refsource_SREASON",
              "x_transferred"
            ],
            "url": "http://securityreason.com/securityalert/359"
          },
          {
            "name": "18494",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/18494"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2006-01-18T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015503",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015503"
        },
        {
          "name": "ADV-2006-0249",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/0249"
        },
        {
          "name": "20060118 Cisco Call Manager Denial of Service",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
        },
        {
          "name": "cisco-callmanager-port-connection-dos(24180)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
        },
        {
          "name": "16295",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/16295"
        },
        {
          "name": "22623",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22623"
        },
        {
          "name": "22622",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/22622"
        },
        {
          "name": "359",
          "tags": [
            "third-party-advisory",
            "x_refsource_SREASON"
          ],
          "url": "http://securityreason.com/securityalert/359"
        },
        {
          "name": "18494",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/18494"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0368",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015503",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015503"
            },
            {
              "name": "ADV-2006-0249",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/0249"
            },
            {
              "name": "20060118 Cisco Call Manager Denial of Service",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
            },
            {
              "name": "cisco-callmanager-port-connection-dos(24180)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
            },
            {
              "name": "16295",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/16295"
            },
            {
              "name": "22623",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22623"
            },
            {
              "name": "22622",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/22622"
            },
            {
              "name": "359",
              "refsource": "SREASON",
              "url": "http://securityreason.com/securityalert/359"
            },
            {
              "name": "18494",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/18494"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-0368",
    "datePublished": "2006-01-22T20:00:00",
    "dateReserved": "2006-01-22T00:00:00",
    "dateUpdated": "2024-08-07T16:34:14.807Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"12DE5E22-DF93-46BE-85A3-D4E04379E901\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"14BF1392-C6E2-4946-9B9E-A64BFE7E8057\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EA117831-013A-4B62-90EA-9F87D0DBACF3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF7E0B10-11E0-44B7-A450-AA5AB058C6C5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.1\\\\(2\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C9C25529-9048-46E8-8A59-61CAD59C2C40\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.1\\\\(3a\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"70ADFE52-9C89-4C29-AC74-7F510326F810\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9306CD67-C43D-46F7-B76B-1FA0ACC6135E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\)es61:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B333B6A2-36AE-45D8-81E6-7B13C0235774\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.3\\\\(4\\\\)es25:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8974FCAC-BE8B-4F87-91D5-E4D3C38A0262\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\):*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7A2188FD-29C8-4184-9E85-3875A53BB193\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)es30:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"2D311940-8FB8-44A5-9B1E-9730342554E2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.0\\\\(2a\\\\)es40:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B31D0C8B-462C-4AC2-9F8C-1F22607C7438\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.0\\\\(2a\\\\)es62:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B524C24E-0413-4DF0-A4D1-14B85C690574\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.0\\\\(2a\\\\)sr2b:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5502603F-E499-4B44-955E-4A9D63FA4360\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"29E82520-D83E-4259-B7BC-76320FF948A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es55:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B25A4042-1F70-498E-8BB3-9B8A29C0EF28\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es07:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"291B6C1C-C3F3-4016-AF50-4D8D90227357\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F7DB7A16-9B5E-4EC7-95BE-5C028AA5E9AD\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9F9AA9D0-3205-4A5D-8161-C80D1855D91E\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.\"}]",
      "id": "CVE-2006-0368",
      "lastModified": "2024-11-21T00:06:18.237",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2006-01-22T20:03:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/18494\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/359\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://securitytracker.com/id?1015503\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/22622\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.osvdb.org/22623\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.securityfocus.com/bid/16295\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/0249\", \"source\": \"cve@mitre.org\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/24180\", \"source\": \"cve@mitre.org\"}, {\"url\": \"http://secunia.com/advisories/18494\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://securityreason.com/securityalert/359\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://securitytracker.com/id?1015503\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/22622\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.osvdb.org/22623\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.securityfocus.com/bid/16295\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"http://www.vupen.com/english/advisories/2006/0249\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/24180\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-0368\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2006-01-22T20:03:00.000\",\"lastModified\":\"2024-11-21T00:06:18.237\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"12DE5E22-DF93-46BE-85A3-D4E04379E901\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"14BF1392-C6E2-4946-9B9E-A64BFE7E8057\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EA117831-013A-4B62-90EA-9F87D0DBACF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF7E0B10-11E0-44B7-A450-AA5AB058C6C5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.1\\\\(2\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C9C25529-9048-46E8-8A59-61CAD59C2C40\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.1\\\\(3a\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"70ADFE52-9C89-4C29-AC74-7F510326F810\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9306CD67-C43D-46F7-B76B-1FA0ACC6135E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(3\\\\)es61:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B333B6A2-36AE-45D8-81E6-7B13C0235774\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(4\\\\)es25:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8974FCAC-BE8B-4F87-91D5-E4D3C38A0262\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\):*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7A2188FD-29C8-4184-9E85-3875A53BB193\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:3.3\\\\(5\\\\)es30:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2D311940-8FB8-44A5-9B1E-9730342554E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.0\\\\(2a\\\\)es40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B31D0C8B-462C-4AC2-9F8C-1F22607C7438\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.0\\\\(2a\\\\)es62:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B524C24E-0413-4DF0-A4D1-14B85C690574\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.0\\\\(2a\\\\)sr2b:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5502603F-E499-4B44-955E-4A9D63FA4360\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"29E82520-D83E-4259-B7BC-76320FF948A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(2\\\\)es55:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B25A4042-1F70-498E-8BB3-9B8A29C0EF28\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es07:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"291B6C1C-C3F3-4016-AF50-4D8D90227357\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)es32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F7DB7A16-9B5E-4EC7-95BE-5C028AA5E9AD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:h:cisco:call_manager:4.1\\\\(3\\\\)sr1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9F9AA9D0-3205-4A5D-8161-C80D1855D91E\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/18494\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/359\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1015503\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/22622\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.osvdb.org/22623\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/16295\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0249\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24180\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/18494\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://securityreason.com/securityalert/359\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1015503\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/22622\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.osvdb.org/22623\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/16295\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2006/0249\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/24180\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}

cve-2006-0368

Vulnerability from fkie_nvd

Published

2006-01-22 20:03

Modified

2024-11-21 00:06

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/18494	Patch, Vendor Advisory
cve@mitre.org	http://securityreason.com/securityalert/359
cve@mitre.org	http://securitytracker.com/id?1015503
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
cve@mitre.org	http://www.osvdb.org/22622
cve@mitre.org	http://www.osvdb.org/22623
cve@mitre.org	http://www.securityfocus.com/bid/16295
cve@mitre.org	http://www.vupen.com/english/advisories/2006/0249
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/24180
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/18494	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securityreason.com/securityalert/359
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1015503
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22622
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/22623
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/16295
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2006/0249
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/24180

Impacted products

Vendor	Product	Version
cisco	call_manager	*
cisco	call_manager	1.0
cisco	call_manager	2.0
cisco	call_manager	3.0
cisco	call_manager	3.1
cisco	call_manager	3.1\(2\)
cisco	call_manager	3.1\(3a\)
cisco	call_manager	3.2
cisco	call_manager	3.3
cisco	call_manager	3.3\(3\)
cisco	call_manager	3.3\(3\)es61
cisco	call_manager	3.3\(4\)es25
cisco	call_manager	3.3\(5\)
cisco	call_manager	3.3\(5\)es30
cisco	call_manager	4.0
cisco	call_manager	4.0\(2a\)es40
cisco	call_manager	4.0\(2a\)es62
cisco	call_manager	4.0\(2a\)sr2b
cisco	call_manager	4.1\(2\)es33
cisco	call_manager	4.1\(2\)es55
cisco	call_manager	4.1\(3\)es07
cisco	call_manager	4.1\(3\)es32
cisco	call_manager	4.1\(3\)sr1

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "12DE5E22-DF93-46BE-85A3-D4E04379E901",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "14BF1392-C6E2-4946-9B9E-A64BFE7E8057",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EA117831-013A-4B62-90EA-9F87D0DBACF3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C08E2D6A-1B4C-4BDA-8FF7-8D61A393460E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF7E0B10-11E0-44B7-A450-AA5AB058C6C5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "C9C25529-9048-46E8-8A59-61CAD59C2C40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "70ADFE52-9C89-4C29-AC74-7F510326F810",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "54CEBAD7-7BDD-44DE-A591-C7EFD4E3F67E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "9306CD67-C43D-46F7-B76B-1FA0ACC6135E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "F3D9BE35-E2AA-42A4-BECB-1BD33F2D9F2F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\)es61:*:*:*:*:*:*:*",
              "matchCriteriaId": "B333B6A2-36AE-45D8-81E6-7B13C0235774",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(4\\)es25:*:*:*:*:*:*:*",
              "matchCriteriaId": "8974FCAC-BE8B-4F87-91D5-E4D3C38A0262",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "7A2188FD-29C8-4184-9E85-3875A53BB193",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\)es30:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D311940-8FB8-44A5-9B1E-9730342554E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "A008ACB8-54DD-4C49-A35D-3FA7D3CBF38F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)es40:*:*:*:*:*:*:*",
              "matchCriteriaId": "B31D0C8B-462C-4AC2-9F8C-1F22607C7438",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)es62:*:*:*:*:*:*:*",
              "matchCriteriaId": "B524C24E-0413-4DF0-A4D1-14B85C690574",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)sr2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "5502603F-E499-4B44-955E-4A9D63FA4360",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(2\\)es33:*:*:*:*:*:*:*",
              "matchCriteriaId": "29E82520-D83E-4259-B7BC-76320FF948A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(2\\)es55:*:*:*:*:*:*:*",
              "matchCriteriaId": "B25A4042-1F70-498E-8BB3-9B8A29C0EF28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)es07:*:*:*:*:*:*:*",
              "matchCriteriaId": "291B6C1C-C3F3-4016-AF50-4D8D90227357",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)es32:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7DB7A16-9B5E-4EC7-95BE-5C028AA5E9AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
              "matchCriteriaId": "9F9AA9D0-3205-4A5D-8161-C80D1855D91E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727."
    }
  ],
  "id": "CVE-2006-0368",
  "lastModified": "2024-11-21T00:06:18.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2006-01-22T20:03:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18494"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securityreason.com/securityalert/359"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015503"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/22622"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/22623"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/16295"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2006/0249"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/18494"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securityreason.com/securityalert/359"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/22622"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/22623"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/16295"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2006/0249"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

ghsa-p4h8-95wc-cxcp

Vulnerability from github

Published

2022-05-01 06:39

Modified

2022-05-01 06:39

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-0368"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2006-01-22T20:03:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.",
  "id": "GHSA-p4h8-95wc-cxcp",
  "modified": "2022-05-01T06:39:07Z",
  "published": "2022-05-01T06:39:07Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-0368"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/18494"
    },
    {
      "type": "WEB",
      "url": "http://securityreason.com/securityalert/359"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1015503"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/22622"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/22623"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/16295"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2006/0249"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727. Cisco CallManager There is a service disruption (DoS) There are vulnerabilities that are put into a state.Service disruption by a third party (DoS) There is a possibility of being put into a state. CallManager is susceptible to multiple remote denial of service vulnerabilities. These issues are documented in Cisco bugs CSCea53907, CSCsa86197, CSCsb16635 and CSCsb64161, which are available to Cisco customers. Attackers may exploit these vulnerabilities to crash the affected service, effectively denying service to legitimate users. Cisco CallManager (CCM) is a set of call processing components based on the Cisco Unified Communications solution of Cisco. Under certain circumstances, CCM will keep the TCP connection open indefinitely until the CCM service is restarted or the server is restarted. Successful exploitation of these vulnerabilities could result in a denial of service attack, causing high CPU usage, interrupting service, or restarting the server, which could then cause the phone to become unresponsive, log off the phone from the CCM, or restart the CCM.

TITLE: Cisco CallManager Connection Handling Denial of Service

SECUNIA ADVISORY ID: SA18494

VERIFY ADVISORY: http://secunia.com/advisories/18494/

CRITICAL: Less critical

IMPACT: DoS

WHERE:

From local network

SOFTWARE: Cisco CallManager 3.x http://secunia.com/product/2805/ Cisco CallManager 4.x http://secunia.com/product/5363/

DESCRIPTION: Some vulnerabilities has been reported in Cisco CallManager, which can be exploited by malicious people to cause a DoS (Denial of Service).

2) An error in the processing of connections to ports 2001, 2002, and 7727 can be exploited to fill up the Windows message queue by establishing multiple connections. This further leads to the Cisco CallManager restarting after a 30 second timeout.

The following versions are affected: * Cisco CallManager 3.2 and earlier * Cisco CallManager 3.3, versions earlier than 3.3(5)SR1a * Cisco CallManager 4.0, versions earlier than 4.0(2a)SR2c * Cisco CallManager 4.1, versions earlier than 4.1(3)SR2

SOLUTION: Fixes are available (see patch matrix): http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml#software

PROVIDED AND/OR DISCOVERED BY: Reported by vendor.

ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200601-0326",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 2.2,
        "vendor": "cisco",
        "version": "3.1"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "3.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(3\\)sr1"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0\\(2a\\)sr2b"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(2\\)es33"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.0\\(2a\\)es62"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(3\\)es32"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(2\\)es55"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "cisco",
        "version": "4.1\\(3\\)es07"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "3.2"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "2.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "cisco",
        "version": "1.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(4\\)es25"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.1\\(3a\\)"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(3\\)"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(5\\)es30"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "*"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.1\\(2\\)"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(3\\)es61"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.0\\(2a\\)es40"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(5\\)"
      },
      {
        "model": "call manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.0(2a)sr2c"
      },
      {
        "model": "call manager",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.2 and earlier"
      },
      {
        "model": "call manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.1(3)sr2"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "3.3(5)sr1"
      },
      {
        "model": "call manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager sr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es55",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es33",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager sr2b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es62",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es40",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es30",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(5)"
      },
      {
        "model": "call manager es25",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager es61",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(3)"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.1(2)"
      },
      {
        "model": "call manager",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "call manager sr2",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager sr1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es24",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es07",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es50",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es33",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager sr2c",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager sr2b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es56",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es40",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager sr1a",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager es24",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(5)"
      },
      {
        "model": "call manager es25",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager es61",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "16295"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)es62:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)sr2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)es40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\)es30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)es07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)es32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\)es61:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(4\\)es25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(2\\)es33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(2\\)es55:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco Security bulletin",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-0368",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 7.8,
            "confidentialityImpact": "None",
            "exploitabilityScore": null,
            "id": "CVE-2006-0368",
            "impactScore": null,
            "integrityImpact": "None",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "exploitabilityScore": 10.0,
            "id": "VHN-16476",
            "impactScore": 6.9,
            "integrityImpact": "NONE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:N/I:N/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-0368",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200601-276",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-16476",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727. Cisco CallManager There is a service disruption (DoS) There are vulnerabilities that are put into a state.Service disruption by a third party (DoS) There is a possibility of being put into a state. CallManager is susceptible to multiple remote denial of service vulnerabilities. \nThese issues are documented in Cisco bugs CSCea53907, CSCsa86197, CSCsb16635 and CSCsb64161, which are available to Cisco customers. \nAttackers may exploit these vulnerabilities to crash the affected service, effectively denying service to legitimate users. Cisco CallManager (CCM) is a set of call processing components based on the Cisco Unified Communications solution of Cisco. Under certain circumstances, CCM will keep the TCP connection open indefinitely until the CCM service is restarted or the server is restarted. Successful exploitation of these vulnerabilities could result in a denial of service attack, causing high CPU usage, interrupting service, or restarting the server, which could then cause the phone to become unresponsive, log off the phone from the CCM, or restart the CCM. \n\nTITLE:\nCisco CallManager Connection Handling Denial of Service\n\nSECUNIA ADVISORY ID:\nSA18494\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/18494/\n\nCRITICAL:\nLess critical\n\nIMPACT:\nDoS\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCisco CallManager 3.x\nhttp://secunia.com/product/2805/\nCisco CallManager 4.x\nhttp://secunia.com/product/5363/\n\nDESCRIPTION:\nSome vulnerabilities has been reported in Cisco CallManager, which\ncan be exploited by malicious people to cause a DoS (Denial of\nService). \n\n2) An error in the processing of connections to ports 2001, 2002, and\n7727 can be exploited to fill up the Windows message queue by\nestablishing multiple connections. This further leads to the Cisco\nCallManager restarting after a 30 second timeout. \n\nThe following versions are affected:\n* Cisco CallManager 3.2 and earlier\n* Cisco CallManager 3.3, versions earlier than 3.3(5)SR1a\n* Cisco CallManager 4.0, versions earlier than 4.0(2a)SR2c\n* Cisco CallManager 4.1, versions earlier than 4.1(3)SR2\n\nSOLUTION:\nFixes are available (see patch matrix):\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml#software\n\nPROVIDED AND/OR DISCOVERED BY:\nReported by vendor. \n\nORIGINAL ADVISORY:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "db": "BID",
        "id": "16295"
      },
      {
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "db": "PACKETSTORM",
        "id": "43184"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-0368",
        "trust": 2.5
      },
      {
        "db": "BID",
        "id": "16295",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "18494",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-0249",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "22622",
        "trust": 1.7
      },
      {
        "db": "OSVDB",
        "id": "22623",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1015503",
        "trust": 1.7
      },
      {
        "db": "SREASON",
        "id": "359",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276",
        "trust": 0.7
      },
      {
        "db": "XF",
        "id": "24180",
        "trust": 0.6
      },
      {
        "db": "CISCO",
        "id": "20060118 CISCO CALL MANAGER DENIAL OF SERVICE",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-16476",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "43184",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "db": "BID",
        "id": "16295"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "db": "PACKETSTORM",
        "id": "43184"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "id": "VAR-200601-0326",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16476"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:45:23.460000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "18494",
        "trust": 0.8,
        "url": "http://secunia.com/advisories/18494"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/16295"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/22622"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/22623"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1015503"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/18494"
      },
      {
        "trust": 1.7,
        "url": "http://securityreason.com/securityalert/359"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/0249"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-0368"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-0368"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2006/0249"
      },
      {
        "trust": 0.6,
        "url": "http://xforce.iss.net/xforce/xfdb/24180"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/voicesw/ps556/index.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/products_security_advisory09186a00804c0c26.shtml"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2805/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml#software"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/18494/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5363/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "db": "BID",
        "id": "16295"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "db": "PACKETSTORM",
        "id": "43184"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "db": "BID",
        "id": "16295"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "db": "PACKETSTORM",
        "id": "43184"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2006-01-22T00:00:00",
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "date": "2006-01-18T00:00:00",
        "db": "BID",
        "id": "16295"
      },
      {
        "date": "2014-03-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "date": "2006-01-19T17:33:40",
        "db": "PACKETSTORM",
        "id": "43184"
      },
      {
        "date": "2006-01-22T20:03:00",
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "date": "2006-01-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-07-20T00:00:00",
        "db": "VULHUB",
        "id": "VHN-16476"
      },
      {
        "date": "2006-02-07T20:54:00",
        "db": "BID",
        "id": "16295"
      },
      {
        "date": "2014-03-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      },
      {
        "date": "2017-07-20T01:29:42.097000",
        "db": "NVD",
        "id": "CVE-2006-0368"
      },
      {
        "date": "2006-01-24T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Cisco CallManager Service disruption in  (DoS) Vulnerabilities",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2006-003845"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Design Error",
    "sources": [
      {
        "db": "BID",
        "id": "16295"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200601-276"
      }
    ],
    "trust": 0.9
  }
}

gsd-2006-0368

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-0368

Aliases

CVE-2006-0368

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-0368",
    "description": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.",
    "id": "GSD-2006-0368"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-0368"
      ],
      "details": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.",
      "id": "GSD-2006-0368",
      "modified": "2023-12-13T01:19:50.305503Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-0368",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1015503",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1015503"
          },
          {
            "name": "ADV-2006-0249",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2006/0249"
          },
          {
            "name": "20060118 Cisco Call Manager Denial of Service",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
          },
          {
            "name": "cisco-callmanager-port-connection-dos(24180)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
          },
          {
            "name": "16295",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/16295"
          },
          {
            "name": "22623",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/22623"
          },
          {
            "name": "22622",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/22622"
          },
          {
            "name": "359",
            "refsource": "SREASON",
            "url": "http://securityreason.com/securityalert/359"
          },
          {
            "name": "18494",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/18494"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)es62:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)sr2b:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.1\\(2\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.1\\(3a\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.0\\(2a\\)es40:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)sr1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\):*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(5\\)es30:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)es07:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(3\\)es32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(3\\)es61:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:3.3\\(4\\)es25:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(2\\)es33:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:h:cisco:call_manager:4.1\\(2\\)es55:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-0368"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20060118 Cisco Call Manager Denial of Service",
              "refsource": "CISCO",
              "tags": [],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml"
            },
            {
              "name": "16295",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/16295"
            },
            {
              "name": "18494",
              "refsource": "SECUNIA",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/18494"
            },
            {
              "name": "22622",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/22622"
            },
            {
              "name": "22623",
              "refsource": "OSVDB",
              "tags": [],
              "url": "http://www.osvdb.org/22623"
            },
            {
              "name": "1015503",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://securitytracker.com/id?1015503"
            },
            {
              "name": "359",
              "refsource": "SREASON",
              "tags": [],
              "url": "http://securityreason.com/securityalert/359"
            },
            {
              "name": "ADV-2006-0249",
              "refsource": "VUPEN",
              "tags": [],
              "url": "http://www.vupen.com/english/advisories/2006/0249"
            },
            {
              "name": "cisco-callmanager-port-connection-dos(24180)",
              "refsource": "XF",
              "tags": [],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/24180"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2017-07-20T01:29Z",
      "publishedDate": "2006-01-22T20:03Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2006-0368

Vulnerability from cvelistv5

cve-2006-0368

Vulnerability from fkie_nvd

ghsa-p4h8-95wc-cxcp

Vulnerability from github

var-200601-0326

Vulnerability from variot

gsd-2006-0368

Vulnerability from gsd

Tags

Sightings

Nomenclature