cve-2009-2053

Vulnerability from cvelistv5

Published

2009-08-27 16:31

Modified

2024-08-07 05:36

Severity ?

Summary

References

URL	Tags
ykramarz@cisco.com	http://osvdb.org/57455	Broken Link
ykramarz@cisco.com	http://secunia.com/advisories/36498	Vendor Advisory
ykramarz@cisco.com	http://secunia.com/advisories/36499	Vendor Advisory
ykramarz@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml	Patch, Vendor Advisory
ykramarz@cisco.com	http://www.securityfocus.com/bid/36152	Third Party Advisory, VDB Entry
ykramarz@cisco.com	http://www.securitytracker.com/id?1022775	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/57455	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36498	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36499	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36152	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022775	Third Party Advisory, VDB Entry

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.982Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36499",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36499"
          },
          {
            "name": "36152",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36152"
          },
          {
            "name": "36498",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36498"
          },
          {
            "name": "57455",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/57455"
          },
          {
            "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
          },
          {
            "name": "1022775",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022775"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-09-02T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "36499",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36499"
        },
        {
          "name": "36152",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36152"
        },
        {
          "name": "36498",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36498"
        },
        {
          "name": "57455",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/57455"
        },
        {
          "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
        },
        {
          "name": "1022775",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022775"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36499",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36499"
            },
            {
              "name": "36152",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36152"
            },
            {
              "name": "36498",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36498"
            },
            {
              "name": "57455",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/57455"
            },
            {
              "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
            },
            {
              "name": "1022775",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022775"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2053",
    "datePublished": "2009-08-27T16:31:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0\", \"versionEndExcluding\": \"5.1\\\\(3g\\\\)\", \"matchCriteriaId\": \"B48B0779-7796-45D2-8967-459F562A6243\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.1\\\\(1\\\\)\", \"versionEndExcluding\": \"6.1\\\\(4\\\\)\", \"matchCriteriaId\": \"98AF7F97-8702-4E7B-BDE4-BD5A3114FDF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.0\\\\(2a\\\\)su1\", \"matchCriteriaId\": \"906EED24-1D35-4952-AFCA-D7D5223F66D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.1\", \"versionEndExcluding\": \"7.1\\\\(2\\\\)\", \"matchCriteriaId\": \"96DB29BF-9A40-4591-BE41-C519B86C2EEF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.\"}, {\"lang\": \"es\", \"value\": \"Cisco Unified Communications Manager (tambi\\u00e9n conocido, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores a v6.1(4), v7.0 anteriores a v7.0(2a)su1, y v7.1 anteriores a v7.1(2) permite a los atacantes remotos causar una denegaci\\u00f3n de servicio (agotamiento del descriptor de fichero y parada SCCP) a trav\\u00e9s de la inundaci\\u00f3n de paquetes TCP, tambi\\u00e9n conocido como Bug ID CSCsx32236.\"}]",
      "id": "CVE-2009-2053",
      "lastModified": "2024-11-21T01:04:01.140",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-08-27T17:00:01.030",
      "references": "[{\"url\": \"http://osvdb.org/57455\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36498\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/36499\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/36152\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1022775\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://osvdb.org/57455\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36498\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/36499\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/36152\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1022775\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-2053\",\"sourceIdentifier\":\"ykramarz@cisco.com\",\"published\":\"2009-08-27T17:00:01.030\",\"lastModified\":\"2024-11-21T01:04:01.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.\"},{\"lang\":\"es\",\"value\":\"Cisco Unified Communications Manager (tambi\u00e9n conocido, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores a v6.1(4), v7.0 anteriores a v7.0(2a)su1, y v7.1 anteriores a v7.1(2) permite a los atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento del descriptor de fichero y parada SCCP) a trav\u00e9s de la inundaci\u00f3n de paquetes TCP, tambi\u00e9n conocido como Bug ID CSCsx32236.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.1\\\\(3g\\\\)\",\"matchCriteriaId\":\"B48B0779-7796-45D2-8967-459F562A6243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\\\\(1\\\\)\",\"versionEndExcluding\":\"6.1\\\\(4\\\\)\",\"matchCriteriaId\":\"98AF7F97-8702-4E7B-BDE4-BD5A3114FDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.0\\\\(2a\\\\)su1\",\"matchCriteriaId\":\"906EED24-1D35-4952-AFCA-D7D5223F66D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.1\",\"versionEndExcluding\":\"7.1\\\\(2\\\\)\",\"matchCriteriaId\":\"96DB29BF-9A40-4591-BE41-C519B86C2EEF\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/57455\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36498\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36499\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36152\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1022775\",\"source\":\"ykramarz@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://osvdb.org/57455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36499\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36152\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1022775\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

ghsa-8j74-6x75-vf94

Vulnerability from github

Published

2022-05-02 03:31

Modified

2022-05-02 03:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-2053"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-08-27T17:00:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.",
  "id": "GHSA-8j74-6x75-vf94",
  "modified": "2022-05-02T03:31:15Z",
  "published": "2022-05-02T03:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2053"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/57455"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36498"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36499"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/36152"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022775"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. Cisco Unified Communications Manager There is a service disruption (DoS) There is a vulnerability that becomes a condition. The problem is Bug IDs CSCsx32236 It is a problem.A large amount by a third party TCP Service disruption via packets (DoS) There is a possibility of being put into a state. An attacker can exploit these issues to cause denial-of-service conditions in the affected application. These issues are documented by these Cisco bug IDs: CSCsi46466 CSCsz40392 CSCsq22534 CSCsx32236 CSCsx23689. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

SOLUTION: Update to version 5.1(3g) (reportedly available in early September 2009).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. The Session Initiation Protocol (SIP) and Skinny Client Control Protocol (SCCP) services are affected by these vulnerabilities. There are no workarounds for these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities.

Details

Cisco Unified Communications Manager is the call processing component of the Cisco IP Telephony solution that extends enterprise telephony features and functions to packet telephony network devices, such as IP phones, media processing devices, VoIP gateways, and multimedia applications. Each vulnerability is triggered by a malformed SIP message that could cause a critical process to fail, resulting in the disruption of voice services. All SIP ports (TCP 5060 and 5061, UDP 5060 and 5061) are affected by these vulnerabilities. To mitigate against this vulnerability, administrators are advised to restrict access to TCP and UDP port 5060 on vulnerable Cisco Unified Communications Manager 4.x systems that are configured to use SIP trunks with screening devices to valid SIP trunk end points.

The second SIP DoS vulnerability is documented in Cisco Bug ID CSCsz40392 and has been assigned the CVE identifier CVE-2009-2051. By establishing many TCP connections with a vulnerable system, an attacker could overwhelm the operating system table that is used to track network connections and prevent new connections from being established to system services. Any service that listens to a TCP port on a vulnerable system could be affected by this vulnerability, including SIP and SCCP. By flooding a vulnerable system with many TCP packets, an attacker could exhaust operating system file descriptors that cause the SIP port (TCP 5060 and 5061) and SCCP port (TCP 2000 and 2443) to close. This action could prevent new connections from being established to the SIP and SCCP services. SIP UDP (5060 and 5061) ports are not affected.

Vulnerability Scoring Details

Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding CVSS at:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsi46466 - CM 6.1 SDL router services dead when receiving abnormal

CVSS Base Score - 7.8

Access Vector - Network Access Complexity - Low Authentication - None Confidentiality Impact - None Integrity Impact - None Availability Impact - Complete

CVSS Temporal Score - 6.4