cvelistv5 - cve-2006-5278

cve-2006-5278

Vulnerability from cvelistv5

Published

2007-07-15 22:00

Modified

2024-08-07 19:48

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/26043	Third Party Advisory
cve@mitre.org	http://securitytracker.com/id?1018369	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.iss.net/threats/271.html	Broken Link
cve@mitre.org	http://www.osvdb.org/36121	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/24868	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2512	Permissions Required, Third Party Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/19057	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26043	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018369	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/threats/271.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/36121	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24868	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2512	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/19057	Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T19:48:28.521Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "negative-integer-bo(19057)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
          },
          {
            "name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
            "tags": [
              "third-party-advisory",
              "x_refsource_ISS",
              "x_transferred"
            ],
            "url": "http://www.iss.net/threats/271.html"
          },
          {
            "name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
          },
          {
            "name": "ADV-2007-2512",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/2512"
          },
          {
            "name": "26043",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/26043"
          },
          {
            "name": "24868",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/24868"
          },
          {
            "name": "1018369",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1018369"
          },
          {
            "name": "36121",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/36121"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-19T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "negative-integer-bo(19057)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
        },
        {
          "name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
          "tags": [
            "third-party-advisory",
            "x_refsource_ISS"
          ],
          "url": "http://www.iss.net/threats/271.html"
        },
        {
          "name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
        },
        {
          "name": "ADV-2007-2512",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/2512"
        },
        {
          "name": "26043",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/26043"
        },
        {
          "name": "24868",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/24868"
        },
        {
          "name": "1018369",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1018369"
        },
        {
          "name": "36121",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/36121"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5278",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "negative-integer-bo(19057)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
            },
            {
              "name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
              "refsource": "ISS",
              "url": "http://www.iss.net/threats/271.html"
            },
            {
              "name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
            },
            {
              "name": "ADV-2007-2512",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/2512"
            },
            {
              "name": "26043",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/26043"
            },
            {
              "name": "24868",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/24868"
            },
            {
              "name": "1018369",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1018369"
            },
            {
              "name": "36121",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/36121"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2006-5278",
    "datePublished": "2007-07-15T22:00:00",
    "dateReserved": "2006-10-13T00:00:00",
    "dateUpdated": "2024-08-07T19:48:28.521Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"3.3\", \"versionEndIncluding\": \"3.3\\\\(5\\\\)sr2\", \"matchCriteriaId\": \"7454C447-FE60-4DAE-8241-A9416A7206A6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.1\", \"versionEndIncluding\": \"4.1\\\\(3\\\\)sr4\", \"matchCriteriaId\": \"F2C88AFF-AC92-4CCF-869F-14E7DB9CF1C3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.2\", \"versionEndIncluding\": \"4.2\\\\(3\\\\)sr1\", \"matchCriteriaId\": \"0FB2FA97-9DDA-49D9-A931-D3AD130018E4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.1\", \"versionEndIncluding\": \"5.1\\\\(2\\\\)\", \"matchCriteriaId\": \"487FC0BB-ACBE-479B-B7A7-33059EF3D59B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"37FEF567-5F92-40BB-8581-3FCF584AAA1A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"4.3\", \"versionEndIncluding\": \"4.3\\\\(1\\\\)\", \"matchCriteriaId\": \"5FC80E93-195E-47EB-9D96-7CA5BCF1F73B\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.\"}, {\"lang\": \"es\", \"value\": \"Desbordamiento de entero en Real-Time Information Server (RIS) Data Collector service (RisDC.exe) de Cisco Unified Communications Manager (CUCM, anteriormente denominado CallManager) versiones anteriores a 20070711 permite a atacantes remotos ejecutar c\\u00f3digo de su elecci\\u00f3n mediante paquetes manipulados, resultando en un desbordamiento de b\\u00fafer basado en mont\\u00edculo.\"}]",
      "id": "CVE-2006-5278",
      "lastModified": "2024-11-21T00:18:35.180",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:C/I:C/A:C\", \"baseScore\": 10.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": true, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2007-07-15T22:30:00.000",
      "references": "[{\"url\": \"http://secunia.com/advisories/26043\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1018369\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.iss.net/threats/271.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.osvdb.org/36121\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/24868\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2512\", \"source\": \"cve@mitre.org\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/19057\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://secunia.com/advisories/26043\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1018369\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.iss.net/threats/271.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.osvdb.org/36121\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://www.securityfocus.com/bid/24868\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2007/2512\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Permissions Required\", \"Third Party Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/19057\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2006-5278\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2007-07-15T22:30:00.000\",\"lastModified\":\"2024-11-21T00:18:35.180\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de entero en Real-Time Information Server (RIS) Data Collector service (RisDC.exe) de Cisco Unified Communications Manager (CUCM, anteriormente denominado CallManager) versiones anteriores a 20070711 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes manipulados, resultando en un desbordamiento de b\u00fafer basado en mont\u00edculo.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:C/I:C/A:C\",\"baseScore\":10.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":true,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndIncluding\":\"3.3\\\\(5\\\\)sr2\",\"matchCriteriaId\":\"7454C447-FE60-4DAE-8241-A9416A7206A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.1\",\"versionEndIncluding\":\"4.1\\\\(3\\\\)sr4\",\"matchCriteriaId\":\"F2C88AFF-AC92-4CCF-869F-14E7DB9CF1C3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2\",\"versionEndIncluding\":\"4.2\\\\(3\\\\)sr1\",\"matchCriteriaId\":\"0FB2FA97-9DDA-49D9-A931-D3AD130018E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.1\",\"versionEndIncluding\":\"5.1\\\\(2\\\\)\",\"matchCriteriaId\":\"487FC0BB-ACBE-479B-B7A7-33059EF3D59B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"37FEF567-5F92-40BB-8581-3FCF584AAA1A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.3\",\"versionEndIncluding\":\"4.3\\\\(1\\\\)\",\"matchCriteriaId\":\"5FC80E93-195E-47EB-9D96-7CA5BCF1F73B\"}]}]}],\"references\":[{\"url\":\"http://secunia.com/advisories/26043\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018369\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/threats/271.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.osvdb.org/36121\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/24868\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/2512\",\"source\":\"cve@mitre.org\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19057\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://secunia.com/advisories/26043\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://securitytracker.com/id?1018369\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.iss.net/threats/271.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.osvdb.org/36121\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://www.securityfocus.com/bid/24868\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.vupen.com/english/advisories/2007/2512\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Permissions Required\",\"Third Party Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/19057\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. An attacker can exploit these issues to execute arbitrary code within the context of the vulnerable application. Successful exploits may result in a complete compromise of affected servers. Failed exploit attempts will likely result in denial-of-service conditions. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution.

Try a new way to discover vulnerabilities that ALREADY EXIST in your IT infrastructure.

The Full Featured Secunia Network Software Inspector (NSI) is now available: http://secunia.com/network_software_inspector/

The Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT vulnerabilities in more than 4,000 different Windows applications.

TITLE: Cisco Unified Communications Manager Two Vulnerabilities

SECUNIA ADVISORY ID: SA26043

VERIFY ADVISORY: http://secunia.com/advisories/26043/

CRITICAL: Moderately critical

IMPACT: DoS, System access

WHERE:

From local network

SOFTWARE: Cisco Unified CallManager 5.x http://secunia.com/product/12535/ Cisco Unified CallManager 4.x http://secunia.com/product/12534/ Cisco Unified CallManager 3.x http://secunia.com/product/2805/ Cisco Unified Communications Manager 5.x http://secunia.com/product/11019/ Cisco Unified Communications Manager 4.x http://secunia.com/product/5363/

DESCRIPTION: Some vulnerabilities have been reported in Cisco Unified Communications Manager (CUCM), which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system.

1) An off-by-one error in the Certificate Trust List Provider service (CTLProvider.exe) can be exploited to cause a heap-based buffer overflow by sending specially crafted packets to the vulnerable service (default port 2444/TCP).

Note: This vulnerability does not affect CUCM 3.x.

Successful exploitation may allow execution of arbitrary code.

SOLUTION: Apply updated versions: Vulnerability #1 is corrected in CUCM versions 4.1(3)SR5, 4.2(3)SR2, 4.3(1)SR1 and 5.1(2). Vulnerability #2 is corrected in CUCM versions 3.3(5)SR2b, 4.1(3)SR5, 4.2(3)SR2, 4.3(1)SR1 and 5.1(2).

See vendor advisory for a detailed patch matrix.

PROVIDED AND/OR DISCOVERED BY: IBM Internet Security Systems X-Force

ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml

IBM Internet Security Systems: 1) http://www.iss.net/threats/270.html 2) http://www.iss.net/threats/271.html

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200707-0339",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "cisco",
        "version": "5.0"
      },
      {
        "model": "unified communications manager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.3\\(1\\)"
      },
      {
        "model": "unified callmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "unified callmanager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3\\(5\\)sr2"
      },
      {
        "model": "unified communications manager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.3"
      },
      {
        "model": "unified callmanager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.2\\(3\\)sr1"
      },
      {
        "model": "unified callmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "unified callmanager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.1\\(3\\)sr4"
      },
      {
        "model": "unified callmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "unified callmanager",
        "scope": "gte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "unified callmanager",
        "scope": "lte",
        "trust": 1.0,
        "vendor": "cisco",
        "version": "5.1\\(2\\)"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.9,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "unified callmanager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "200707111"
      },
      {
        "model": "unified communications manager",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "cisco",
        "version": "200707111"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.3"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.2\\(3\\)sr1"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.1\\(1\\)"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.1\\(3\\)sr4"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "4.3\\(1\\)"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.6,
        "vendor": "cisco",
        "version": "3.3\\(5\\)sr2"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1(2)"
      },
      {
        "model": "unified communications manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1(1)"
      },
      {
        "model": "unified communications manager 4.2 sr2",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.1"
      },
      {
        "model": "unified callmanager 5.0 su1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0(4)"
      },
      {
        "model": "unified callmanager 5.0",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0(3)"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0(2)"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "5.0(1)"
      },
      {
        "model": "unified callmanager 4.3 sr1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager 4.2 sr1",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager 4.1 sr5",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager 4.1 sr4",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "unified callmanager 3.3 sr2a",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified callmanager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager sr2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager sr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es24",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es07",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es55",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es50",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager es33",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "call manager sr2c",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager sr2b",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es62",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es56",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager es40",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.0"
      },
      {
        "model": "call manager sr1a",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager es30",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager es24",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(5)"
      },
      {
        "model": "call manager es25",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager es61",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3(3)"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "3.3"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.3(1)"
      },
      {
        "model": "call manager",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2(3)"
      },
      {
        "model": "call manager 4.1 sr4",
        "scope": null,
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified communications manager 5.1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified communications manager 4.3 sr.1",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      },
      {
        "model": "unified communications manager sr2b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.2"
      },
      {
        "model": "unified callmanager sr5b",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": "4.1"
      },
      {
        "model": "unified callmanager 3.3 sr3",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "cisco",
        "version": null
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "24868"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.3\\(5\\)sr2",
                "versionStartIncluding": "3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.2\\(3\\)sr1",
                "versionStartIncluding": "4.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.1\\(2\\)",
                "versionStartIncluding": "5.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3\\(1\\)",
                "versionStartIncluding": "4.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.1\\(3\\)sr4",
                "versionStartIncluding": "4.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "IBM ISS X-Force",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2006-5278",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2006-5278",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-21386",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2006-5278",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200707-273",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-21386",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. \nAn attacker can exploit these issues to execute arbitrary code within the context of the vulnerable application. Successful exploits may result in a complete compromise of affected servers. Failed exploit attempts will likely result in denial-of-service conditions. This component provides a scalable, distributed and highly available enterprise IP telephony call processing solution. \n\n----------------------------------------------------------------------\n\nTry a new way to discover vulnerabilities that ALREADY EXIST in your\nIT infrastructure. \n\nThe Full Featured Secunia Network Software Inspector (NSI) is now\navailable:\nhttp://secunia.com/network_software_inspector/\n\nThe Secunia NSI enables you to INSPECT, DISCOVER, and DOCUMENT\nvulnerabilities in more than 4,000 different Windows applications. \n\n----------------------------------------------------------------------\n\nTITLE:\nCisco Unified Communications Manager Two Vulnerabilities\n\nSECUNIA ADVISORY ID:\nSA26043\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/26043/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom local network\n\nSOFTWARE:\nCisco Unified CallManager 5.x\nhttp://secunia.com/product/12535/\nCisco Unified CallManager 4.x\nhttp://secunia.com/product/12534/\nCisco Unified CallManager 3.x\nhttp://secunia.com/product/2805/\nCisco Unified Communications Manager 5.x\nhttp://secunia.com/product/11019/\nCisco Unified Communications Manager 4.x\nhttp://secunia.com/product/5363/\n\nDESCRIPTION:\nSome vulnerabilities have been reported in Cisco Unified\nCommunications Manager (CUCM), which can be exploited by malicious\npeople to cause a DoS (Denial of Service) or potentially compromise a\nvulnerable system. \n\n1) An off-by-one error in the Certificate Trust List Provider service\n(CTLProvider.exe) can be exploited to cause a heap-based buffer\noverflow by sending specially crafted packets to the vulnerable\nservice (default port 2444/TCP). \n\nNote: This vulnerability does not affect CUCM 3.x. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nSOLUTION:\nApply updated versions:\nVulnerability #1 is corrected in CUCM versions 4.1(3)SR5, 4.2(3)SR2,\n4.3(1)SR1 and 5.1(2). \nVulnerability #2 is corrected in CUCM versions 3.3(5)SR2b, 4.1(3)SR5,\n4.2(3)SR2, 4.3(1)SR1 and 5.1(2). \n\nSee vendor advisory for a detailed patch matrix. \n\nPROVIDED AND/OR DISCOVERED BY:\nIBM Internet Security Systems X-Force\n\nORIGINAL ADVISORY:\nCisco:\nhttp://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml\n\nIBM Internet Security Systems:\n1) http://www.iss.net/threats/270.html\n2) http://www.iss.net/threats/271.html\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "db": "BID",
        "id": "24868"
      },
      {
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "db": "PACKETSTORM",
        "id": "57691"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2006-5278",
        "trust": 2.8
      },
      {
        "db": "BID",
        "id": "24868",
        "trust": 2.0
      },
      {
        "db": "SECUNIA",
        "id": "26043",
        "trust": 1.8
      },
      {
        "db": "OSVDB",
        "id": "36121",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2007-2512",
        "trust": 1.7
      },
      {
        "db": "SECTRACK",
        "id": "1018369",
        "trust": 1.7
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273",
        "trust": 0.7
      },
      {
        "db": "VULHUB",
        "id": "VHN-21386",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "57691",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "db": "BID",
        "id": "24868"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "db": "PACKETSTORM",
        "id": "57691"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "id": "VAR-200707-0339",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21386"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T13:15:41.818000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "cisco-sa-20070711-cucm",
        "trust": 0.8,
        "url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20070711-cucm"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.1,
        "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
      },
      {
        "trust": 1.8,
        "url": "http://www.iss.net/threats/271.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.securityfocus.com/bid/24868"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/36121"
      },
      {
        "trust": 1.7,
        "url": "http://securitytracker.com/id?1018369"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/26043"
      },
      {
        "trust": 1.7,
        "url": "http://www.vupen.com/english/advisories/2007/2512"
      },
      {
        "trust": 1.7,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-5278"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2006-5278"
      },
      {
        "trust": 0.3,
        "url": "http://www.cisco.com/en/us/products/sw/voicesw/ps556/index.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2805/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/network_software_inspector/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12534/"
      },
      {
        "trust": 0.1,
        "url": "http://www.iss.net/threats/270.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/12535/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/5363/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/11019/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/26043/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "db": "BID",
        "id": "24868"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "db": "PACKETSTORM",
        "id": "57691"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "db": "BID",
        "id": "24868"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "db": "PACKETSTORM",
        "id": "57691"
      },
      {
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2007-07-15T00:00:00",
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "date": "2007-07-11T00:00:00",
        "db": "BID",
        "id": "24868"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "date": "2007-07-13T00:55:11",
        "db": "PACKETSTORM",
        "id": "57691"
      },
      {
        "date": "2007-07-15T22:30:00",
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "date": "2007-07-15T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2019-08-01T00:00:00",
        "db": "VULHUB",
        "id": "VHN-21386"
      },
      {
        "date": "2016-07-05T21:38:00",
        "db": "BID",
        "id": "24868"
      },
      {
        "date": "2012-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      },
      {
        "date": "2019-08-01T12:11:51.663000",
        "db": "NVD",
        "id": "CVE-2006-5278"
      },
      {
        "date": "2019-08-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "CUCM of  RIS Data Collector Service integer overflow vulnerability",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2007-001225"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "other",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200707-273"
      }
    ],
    "trust": 0.6
  }
}

cve-2006-5278

Vulnerability from fkie_nvd

Published

2007-07-15 22:30

Modified

2024-11-21 00:18

Severity ?

Summary

References

URL	Tags
cve@mitre.org	http://secunia.com/advisories/26043	Third Party Advisory
cve@mitre.org	http://securitytracker.com/id?1018369	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml	Patch, Vendor Advisory
cve@mitre.org	http://www.iss.net/threats/271.html	Broken Link
cve@mitre.org	http://www.osvdb.org/36121	Broken Link
cve@mitre.org	http://www.securityfocus.com/bid/24868	Third Party Advisory, VDB Entry
cve@mitre.org	http://www.vupen.com/english/advisories/2007/2512	Permissions Required, Third Party Advisory
cve@mitre.org	https://exchange.xforce.ibmcloud.com/vulnerabilities/19057	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/26043	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1018369	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.iss.net/threats/271.html	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.osvdb.org/36121	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/24868	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2007/2512	Permissions Required, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/19057	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	unified_callmanager	*
cisco	unified_callmanager	*
cisco	unified_callmanager	*
cisco	unified_callmanager	*
cisco	unified_callmanager	5.0
cisco	unified_communications_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7454C447-FE60-4DAE-8241-A9416A7206A6",
              "versionEndIncluding": "3.3\\(5\\)sr2",
              "versionStartIncluding": "3.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "F2C88AFF-AC92-4CCF-869F-14E7DB9CF1C3",
              "versionEndIncluding": "4.1\\(3\\)sr4",
              "versionStartIncluding": "4.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FB2FA97-9DDA-49D9-A931-D3AD130018E4",
              "versionEndIncluding": "4.2\\(3\\)sr1",
              "versionStartIncluding": "4.2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "487FC0BB-ACBE-479B-B7A7-33059EF3D59B",
              "versionEndIncluding": "5.1\\(2\\)",
              "versionStartIncluding": "5.1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "37FEF567-5F92-40BB-8581-3FCF584AAA1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5FC80E93-195E-47EB-9D96-7CA5BCF1F73B",
              "versionEndIncluding": "4.3\\(1\\)",
              "versionStartIncluding": "4.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
    },
    {
      "lang": "es",
      "value": "Desbordamiento de entero en Real-Time Information Server (RIS) Data Collector service (RisDC.exe) de Cisco Unified Communications Manager (CUCM, anteriormente denominado CallManager) versiones anteriores a 20070711 permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n mediante paquetes manipulados, resultando en un desbordamiento de b\u00fafer basado en mont\u00edculo."
    }
  ],
  "id": "CVE-2006-5278",
  "lastModified": "2024-11-21T00:18:35.180",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-07-15T22:30:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26043"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1018369"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.iss.net/threats/271.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/36121"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24868"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2512"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://secunia.com/advisories/26043"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1018369"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.iss.net/threats/271.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://www.osvdb.org/36121"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/24868"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Permissions Required",
        "Third Party Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2007/2512"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

gsd-2006-5278

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Aliases

CVE-2006-5278

Aliases

CVE-2006-5278

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2006-5278",
    "description": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.",
    "id": "GSD-2006-5278"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2006-5278"
      ],
      "details": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.",
      "id": "GSD-2006-5278",
      "modified": "2023-12-13T01:19:56.332423Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2006-5278",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "negative-integer-bo(19057)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
          },
          {
            "name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
            "refsource": "ISS",
            "url": "http://www.iss.net/threats/271.html"
          },
          {
            "name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
          },
          {
            "name": "ADV-2007-2512",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2007/2512"
          },
          {
            "name": "26043",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/26043"
          },
          {
            "name": "24868",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/24868"
          },
          {
            "name": "1018369",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1018369"
          },
          {
            "name": "36121",
            "refsource": "OSVDB",
            "url": "http://www.osvdb.org/36121"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.3\\(5\\)sr2",
                "versionStartIncluding": "3.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.2\\(3\\)sr1",
                "versionStartIncluding": "4.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.1\\(2\\)",
                "versionStartIncluding": "5.1",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.3\\(1\\)",
                "versionStartIncluding": "4.3",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_callmanager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "4.1\\(3\\)sr4",
                "versionStartIncluding": "4.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2006-5278"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20070711 Cisco Call Manager RisDC.exe Remote Code Execution",
              "refsource": "ISS",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.iss.net/threats/271.html"
            },
            {
              "name": "20070711 Cisco Unified Communications Manager Overflow Vulnerabilities",
              "refsource": "CISCO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
            },
            {
              "name": "24868",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/24868"
            },
            {
              "name": "1018369",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://securitytracker.com/id?1018369"
            },
            {
              "name": "26043",
              "refsource": "SECUNIA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/26043"
            },
            {
              "name": "36121",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://www.osvdb.org/36121"
            },
            {
              "name": "ADV-2007-2512",
              "refsource": "VUPEN",
              "tags": [
                "Permissions Required",
                "Third Party Advisory"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/2512"
            },
            {
              "name": "negative-integer-bo(19057)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "integrityImpact": "COMPLETE",
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 10.0,
          "obtainAllPrivilege": true,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-08-01T12:11Z",
      "publishedDate": "2007-07-15T22:30Z"
    }
  }
}

ghsa-578w-ff3h-hrqq

Vulnerability from github

Published

2022-05-01 07:26

Modified

2022-05-01 07:26

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2006-5278"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2007-07-15T22:30:00Z",
    "severity": "HIGH"
  },
  "details": "Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow.",
  "id": "GHSA-578w-ff3h-hrqq",
  "modified": "2022-05-01T07:26:43Z",
  "published": "2022-05-01T07:26:43Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2006-5278"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/19057"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/26043"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1018369"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.iss.net/threats/271.html"
    },
    {
      "type": "WEB",
      "url": "http://www.osvdb.org/36121"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/24868"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2007/2512"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2006-5278

Vulnerability from cvelistv5

var-200707-0339

Vulnerability from variot

cve-2006-5278

Vulnerability from fkie_nvd

gsd-2006-5278

Vulnerability from gsd

ghsa-578w-ff3h-hrqq

Vulnerability from github

Tags

Sightings

Nomenclature