CVE-2009-2053 (GCVE-0-2009-2053)

Vulnerability from cvelistv5 – Published: 2009-08-27 16:31 – Updated: 2024-08-07 05:36

Summary

Severity ?

No CVSS data available.

CWE

Assigner

cisco

References

URL

Tags

	http://secunia.com/advisories/36499	third-party-advisoryx_refsource_SECUNIA
	http://www.securityfocus.com/bid/36152	vdb-entryx_refsource_BID
	http://secunia.com/advisories/36498	third-party-advisoryx_refsource_SECUNIA
	http://osvdb.org/57455	vdb-entryx_refsource_OSVDB
	http://www.cisco.com/en/US/products/products_secu…	vendor-advisoryx_refsource_CISCO
	http://www.securitytracker.com/id?1022775	vdb-entryx_refsource_SECTRACK

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T05:36:20.982Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "36499",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36499"
          },
          {
            "name": "36152",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/36152"
          },
          {
            "name": "36498",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/36498"
          },
          {
            "name": "57455",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/57455"
          },
          {
            "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
            "tags": [
              "vendor-advisory",
              "x_refsource_CISCO",
              "x_transferred"
            ],
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
          },
          {
            "name": "1022775",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1022775"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2009-08-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2009-09-02T09:00:00",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "36499",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36499"
        },
        {
          "name": "36152",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/36152"
        },
        {
          "name": "36498",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/36498"
        },
        {
          "name": "57455",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/57455"
        },
        {
          "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
          "tags": [
            "vendor-advisory",
            "x_refsource_CISCO"
          ],
          "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
        },
        {
          "name": "1022775",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1022775"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "36499",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36499"
            },
            {
              "name": "36152",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/36152"
            },
            {
              "name": "36498",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/36498"
            },
            {
              "name": "57455",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/57455"
            },
            {
              "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
            },
            {
              "name": "1022775",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1022775"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2009-2053",
    "datePublished": "2009-08-27T16:31:00",
    "dateReserved": "2009-06-12T00:00:00",
    "dateUpdated": "2024-08-07T05:36:20.982Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"5.0\", \"versionEndExcluding\": \"5.1\\\\(3g\\\\)\", \"matchCriteriaId\": \"B48B0779-7796-45D2-8967-459F562A6243\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"6.1\\\\(1\\\\)\", \"versionEndExcluding\": \"6.1\\\\(4\\\\)\", \"matchCriteriaId\": \"98AF7F97-8702-4E7B-BDE4-BD5A3114FDF4\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.0\", \"versionEndExcluding\": \"7.0\\\\(2a\\\\)su1\", \"matchCriteriaId\": \"906EED24-1D35-4952-AFCA-D7D5223F66D3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"7.1\", \"versionEndExcluding\": \"7.1\\\\(2\\\\)\", \"matchCriteriaId\": \"96DB29BF-9A40-4591-BE41-C519B86C2EEF\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.\"}, {\"lang\": \"es\", \"value\": \"Cisco Unified Communications Manager (tambi\\u00e9n conocido, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores a v6.1(4), v7.0 anteriores a v7.0(2a)su1, y v7.1 anteriores a v7.1(2) permite a los atacantes remotos causar una denegaci\\u00f3n de servicio (agotamiento del descriptor de fichero y parada SCCP) a trav\\u00e9s de la inundaci\\u00f3n de paquetes TCP, tambi\\u00e9n conocido como Bug ID CSCsx32236.\"}]",
      "id": "CVE-2009-2053",
      "lastModified": "2024-11-21T01:04:01.140",
      "metrics": "{\"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:C\", \"baseScore\": 7.8, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2009-08-27T17:00:01.030",
      "references": "[{\"url\": \"http://osvdb.org/57455\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36498\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/36499\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/36152\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1022775\", \"source\": \"ykramarz@cisco.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://osvdb.org/57455\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://secunia.com/advisories/36498\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://secunia.com/advisories/36499\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/36152\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.securitytracker.com/id?1022775\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}]",
      "sourceIdentifier": "ykramarz@cisco.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-Other\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2009-2053\",\"sourceIdentifier\":\"psirt@cisco.com\",\"published\":\"2009-08-27T17:00:01.030\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.\"},{\"lang\":\"es\",\"value\":\"Cisco Unified Communications Manager (tambi\u00e9n conocido, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores a v6.1(4), v7.0 anteriores a v7.0(2a)su1, y v7.1 anteriores a v7.1(2) permite a los atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento del descriptor de fichero y parada SCCP) a trav\u00e9s de la inundaci\u00f3n de paquetes TCP, tambi\u00e9n conocido como Bug ID CSCsx32236.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:C\",\"baseScore\":7.8,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.0\",\"versionEndExcluding\":\"5.1\\\\(3g\\\\)\",\"matchCriteriaId\":\"B48B0779-7796-45D2-8967-459F562A6243\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.1\\\\(1\\\\)\",\"versionEndExcluding\":\"6.1\\\\(4\\\\)\",\"matchCriteriaId\":\"98AF7F97-8702-4E7B-BDE4-BD5A3114FDF4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.0\",\"versionEndExcluding\":\"7.0\\\\(2a\\\\)su1\",\"matchCriteriaId\":\"906EED24-1D35-4952-AFCA-D7D5223F66D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"7.1\",\"versionEndExcluding\":\"7.1\\\\(2\\\\)\",\"matchCriteriaId\":\"96DB29BF-9A40-4591-BE41-C519B86C2EEF\"}]}]}],\"references\":[{\"url\":\"http://osvdb.org/57455\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36498\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36499\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36152\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1022775\",\"source\":\"psirt@cisco.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://osvdb.org/57455\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://secunia.com/advisories/36498\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://secunia.com/advisories/36499\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/36152\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id?1022775\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]}]}}"
  }
}

CERTA-2009-AVI-357

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités de Cisco Unified Communications Manager permettent à un utilisateur malveillant de réaliser un déni de service à distance.

Description

Plusieurs vulnérabilités de Cisco Unified Communications Manager ont été publiées et corrigées :

le traitement défectueux des paquets SIP malformés, émis vers les ports 5060 et 5061, en UDP comme en TCP, conduit à l'arrêt d'un processus essentiel du système. Le service de transport de la voix est interrompu ;
le suivi des connexions TCP par le pare-feu intégré au système d'exploitation est vulnérable à une attaque par saturation d'une table du système ;
les processus de gestion des protocoles SIP (ports 5060 et 5061) et SCCP (ports 2000 et 2443) en TCP sont vulnérables à une attaque épuisant les ressources du système en descripteurs de fichiers. L'exploitation de cette vulnérabilité rend impossible la création de nouvelles connexions.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Unified Communications Manager versions 4.x, 5.x, 6.x et 7.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20090826-cucm du 26 août 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco Unified Communications Manager  versions 4.x, 5.x, 6.x et 7.x.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de Cisco Unified Communications Manager ont \u00e9t\u00e9\npubli\u00e9es et corrig\u00e9es\u00a0:\n\n-   le traitement d\u00e9fectueux des paquets SIP malform\u00e9s, \u00e9mis vers les\n    ports 5060 et 5061, en UDP comme en TCP, conduit \u00e0 l\u0027arr\u00eat d\u0027un\n    processus essentiel du syst\u00e8me. Le service de transport de la voix\n    est interrompu ;\n-   le suivi des connexions TCP par le pare-feu int\u00e9gr\u00e9 au syst\u00e8me\n    d\u0027exploitation est vuln\u00e9rable \u00e0 une attaque par saturation d\u0027une\n    table du syst\u00e8me ;\n-   les processus de gestion des protocoles SIP (ports 5060 et 5061) et\n    SCCP (ports 2000 et 2443) en TCP sont vuln\u00e9rables \u00e0 une attaque\n    \u00e9puisant les ressources du syst\u00e8me en descripteurs de fichiers.\n    L\u0027exploitation de cette vuln\u00e9rabilit\u00e9 rend impossible la cr\u00e9ation de\n    nouvelles connexions.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2054"
    },
    {
      "name": "CVE-2009-2052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2052"
    },
    {
      "name": "CVE-2009-2053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2053"
    },
    {
      "name": "CVE-2009-2050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2050"
    },
    {
      "name": "CVE-2009-2051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2051"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-357",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-08-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s de Cisco Unified Communications Manager\npermettent \u00e0 un utilisateur malveillant de r\u00e9aliser un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de Cisco Unified Communications Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20090826-cucm du 26 ao\u00fbt 2009",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090826-cucm.shtml"
    }
  ]
}

CERTA-2009-AVI-357

Vulnerability from certfr_avis - Published: - Updated:

Plusieurs vulnérabilités de Cisco Unified Communications Manager permettent à un utilisateur malveillant de réaliser un déni de service à distance.

Description

Plusieurs vulnérabilités de Cisco Unified Communications Manager ont été publiées et corrigées :

le traitement défectueux des paquets SIP malformés, émis vers les ports 5060 et 5061, en UDP comme en TCP, conduit à l'arrêt d'un processus essentiel du système. Le service de transport de la voix est interrompu ;
le suivi des connexions TCP par le pare-feu intégré au système d'exploitation est vulnérable à une attaque par saturation d'une table du système ;
les processus de gestion des protocoles SIP (ports 5060 et 5061) et SCCP (ports 2000 et 2443) en TCP sont vulnérables à une attaque épuisant les ressources du système en descripteurs de fichiers. L'exploitation de cette vulnérabilité rend impossible la création de nouvelles connexions.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

Cisco Unified Communications Manager versions 4.x, 5.x, 6.x et 7.x.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletin de sécurité Cisco 20090826-cucm du 26 août 2009

None

vendor-advisory

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eCisco Unified Communications Manager  versions 4.x, 5.x, 6.x et 7.x.\u003c/p\u003e",
  "content": "## Description\n\nPlusieurs vuln\u00e9rabilit\u00e9s de Cisco Unified Communications Manager ont \u00e9t\u00e9\npubli\u00e9es et corrig\u00e9es\u00a0:\n\n-   le traitement d\u00e9fectueux des paquets SIP malform\u00e9s, \u00e9mis vers les\n    ports 5060 et 5061, en UDP comme en TCP, conduit \u00e0 l\u0027arr\u00eat d\u0027un\n    processus essentiel du syst\u00e8me. Le service de transport de la voix\n    est interrompu ;\n-   le suivi des connexions TCP par le pare-feu int\u00e9gr\u00e9 au syst\u00e8me\n    d\u0027exploitation est vuln\u00e9rable \u00e0 une attaque par saturation d\u0027une\n    table du syst\u00e8me ;\n-   les processus de gestion des protocoles SIP (ports 5060 et 5061) et\n    SCCP (ports 2000 et 2443) en TCP sont vuln\u00e9rables \u00e0 une attaque\n    \u00e9puisant les ressources du syst\u00e8me en descripteurs de fichiers.\n    L\u0027exploitation de cette vuln\u00e9rabilit\u00e9 rend impossible la cr\u00e9ation de\n    nouvelles connexions.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2009-2054",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2054"
    },
    {
      "name": "CVE-2009-2052",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2052"
    },
    {
      "name": "CVE-2009-2053",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2053"
    },
    {
      "name": "CVE-2009-2050",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2050"
    },
    {
      "name": "CVE-2009-2051",
      "url": "https://www.cve.org/CVERecord?id=CVE-2009-2051"
    }
  ],
  "links": [],
  "reference": "CERTA-2009-AVI-357",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2009-08-27T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "D\u00e9ni de service \u00e0 distance"
    }
  ],
  "summary": "Plusieurs vuln\u00e9rabilit\u00e9s de Cisco Unified Communications Manager\npermettent \u00e0 un utilisateur malveillant de r\u00e9aliser un d\u00e9ni de service \u00e0\ndistance.\n",
  "title": "Vuln\u00e9rabilit\u00e9s de Cisco Unified Communications Manager",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletin de s\u00e9curit\u00e9 Cisco 20090826-cucm du 26 ao\u00fbt 2009",
      "url": "http://www.cisco.com/warp/public/707/cisco-sa-20090826-cucm.shtml"
    }
  ]
}

GSD-2009-2053

Vulnerability from gsd - Updated: 2023-12-13 01:19

Details

Aliases

CVE-2009-2053

Aliases

CVE-2009-2053

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2009-2053",
    "description": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.",
    "id": "GSD-2009-2053"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2009-2053"
      ],
      "details": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.",
      "id": "GSD-2009-2053",
      "modified": "2023-12-13T01:19:46.196933Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "psirt@cisco.com",
        "ID": "CVE-2009-2053",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "36499",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36499"
          },
          {
            "name": "36152",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/36152"
          },
          {
            "name": "36498",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/36498"
          },
          {
            "name": "57455",
            "refsource": "OSVDB",
            "url": "http://osvdb.org/57455"
          },
          {
            "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
            "refsource": "CISCO",
            "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
          },
          {
            "name": "1022775",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id?1022775"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.1\\(3g\\)",
                "versionStartIncluding": "5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "6.1\\(4\\)",
                "versionStartIncluding": "6.1\\(1\\)",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.0\\(2a\\)su1",
                "versionStartIncluding": "7.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "7.1\\(2\\)",
                "versionStartIncluding": "7.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "psirt@cisco.com",
          "ID": "CVE-2009-2053"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-Other"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20090826 Cisco Unified Communications Manager Denial of Service Vulnerabilities",
              "refsource": "CISCO",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
            },
            {
              "name": "36152",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/36152"
            },
            {
              "name": "57455",
              "refsource": "OSVDB",
              "tags": [
                "Broken Link"
              ],
              "url": "http://osvdb.org/57455"
            },
            {
              "name": "36499",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/36499"
            },
            {
              "name": "1022775",
              "refsource": "SECTRACK",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id?1022775"
            },
            {
              "name": "36498",
              "refsource": "SECUNIA",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://secunia.com/advisories/36498"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "COMPLETE",
            "baseScore": 7.8,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 6.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "HIGH",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2021-10-06T15:14Z",
      "publishedDate": "2009-08-27T17:00Z"
    }
  }
}

GHSA-8J74-6X75-VF94

Vulnerability from github – Published: 2022-05-02 03:31 – Updated: 2022-05-02 03:31

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2009-2053"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2009-08-27T17:00:00Z",
    "severity": "HIGH"
  },
  "details": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236.",
  "id": "GHSA-8j74-6x75-vf94",
  "modified": "2022-05-02T03:31:15Z",
  "published": "2022-05-02T03:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2009-2053"
    },
    {
      "type": "WEB",
      "url": "http://osvdb.org/57455"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36498"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/36499"
    },
    {
      "type": "WEB",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/36152"
    },
    {
      "type": "WEB",
      "url": "http://www.securitytracker.com/id?1022775"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

FKIE_CVE-2009-2053

Vulnerability from fkie_nvd - Published: 2009-08-27 17:00 - Updated: 2025-04-09 00:30

Severity ?

Summary

References

URL	Tags
psirt@cisco.com	http://osvdb.org/57455	Broken Link
psirt@cisco.com	http://secunia.com/advisories/36498	Vendor Advisory
psirt@cisco.com	http://secunia.com/advisories/36499	Vendor Advisory
psirt@cisco.com	http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml	Patch, Vendor Advisory
psirt@cisco.com	http://www.securityfocus.com/bid/36152	Third Party Advisory, VDB Entry
psirt@cisco.com	http://www.securitytracker.com/id?1022775	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://osvdb.org/57455	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36498	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/36499	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/36152	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id?1022775	Third Party Advisory, VDB Entry

Impacted products

Vendor	Product	Version
cisco	unified_communications_manager	*
cisco	unified_communications_manager	*
cisco	unified_communications_manager	*
cisco	unified_communications_manager	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B48B0779-7796-45D2-8967-459F562A6243",
              "versionEndExcluding": "5.1\\(3g\\)",
              "versionStartIncluding": "5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "98AF7F97-8702-4E7B-BDE4-BD5A3114FDF4",
              "versionEndExcluding": "6.1\\(4\\)",
              "versionStartIncluding": "6.1\\(1\\)",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "906EED24-1D35-4952-AFCA-D7D5223F66D3",
              "versionEndExcluding": "7.0\\(2a\\)su1",
              "versionStartIncluding": "7.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "96DB29BF-9A40-4591-BE41-C519B86C2EEF",
              "versionEndExcluding": "7.1\\(2\\)",
              "versionStartIncluding": "7.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236."
    },
    {
      "lang": "es",
      "value": "Cisco Unified Communications Manager (tambi\u00e9n conocido, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores a v6.1(4), v7.0 anteriores a v7.0(2a)su1, y v7.1 anteriores a v7.1(2) permite a los atacantes remotos causar una denegaci\u00f3n de servicio (agotamiento del descriptor de fichero y parada SCCP) a trav\u00e9s de la inundaci\u00f3n de paquetes TCP, tambi\u00e9n conocido como Bug ID CSCsx32236."
    }
  ],
  "id": "CVE-2009-2053",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-08-27T17:00:01.030",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/57455"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36498"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36499"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36152"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022775"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://osvdb.org/57455"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36498"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/36499"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/36152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id?1022775"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

VAR-200908-0258

Vulnerability from variot - Updated: 2023-12-18 12:11

Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. Cisco Unified Communications Manager There is a service disruption (DoS) There is a vulnerability that becomes a condition. The problem is Bug IDs CSCsx32236 It is a problem.A large amount by a third party TCP Service disruption via packets (DoS) There is a possibility of being put into a state. An attacker can exploit these issues to cause denial-of-service conditions in the affected application. These issues are documented by these Cisco bug IDs: CSCsi46466 CSCsz40392 CSCsq22534 CSCsx32236 CSCsx23689. ----------------------------------------------------------------------

Do you have VARM strategy implemented?

(Vulnerability Assessment Remediation Management)

If not, then implement it through the most reliable vulnerability intelligence source on the market.

Implement it through Secunia.

SOLUTION: Update to version 5.1(3g) (reportedly available in early September 2009).

PROVIDED AND/OR DISCOVERED BY: Reported by the vendor.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. The Session Initiation Protocol (SIP) and Skinny Client Control Protocol (SCCP) services are affected by these vulnerabilities. There are no workarounds for these vulnerabilities. No other Cisco products are currently known to be affected by these vulnerabilities.

Details

Cisco Unified Communications Manager is the call processing component of the Cisco IP Telephony solution that extends enterprise telephony features and functions to packet telephony network devices, such as IP phones, media processing devices, VoIP gateways, and multimedia applications. Each vulnerability is triggered by a malformed SIP message that could cause a critical process to fail, resulting in the disruption of voice services. All SIP ports (TCP 5060 and 5061, UDP 5060 and 5061) are affected by these vulnerabilities. To mitigate against this vulnerability, administrators are advised to restrict access to TCP and UDP port 5060 on vulnerable Cisco Unified Communications Manager 4.x systems that are configured to use SIP trunks with screening devices to valid SIP trunk end points.

The second SIP DoS vulnerability is documented in Cisco Bug ID CSCsz40392 and has been assigned the CVE identifier CVE-2009-2051. By establishing many TCP connections with a vulnerable system, an attacker could overwhelm the operating system table that is used to track network connections and prevent new connections from being established to system services. Any service that listens to a TCP port on a vulnerable system could be affected by this vulnerability, including SIP and SCCP. By flooding a vulnerable system with many TCP packets, an attacker could exhaust operating system file descriptors that cause the SIP port (TCP 5060 and 5061) and SCCP port (TCP 2000 and 2443) to close. This action could prevent new connections from being established to the SIP and SCCP services. SIP UDP (5060 and 5061) ports are not affected.

Vulnerability Scoring Details

Cisco has provided scores for the vulnerabilities in this advisory based on the Common Vulnerability Scoring System (CVSS). The CVSS scoring in this Security Advisory is done in accordance with CVSS version 2.0.

CVSS is a standards-based scoring method that conveys vulnerability severity and helps determine urgency and priority of response.

Cisco has provided a base and temporal score. Customers can then compute environmental scores to assist in determining the impact of the vulnerability in individual networks.

Cisco has provided an FAQ to answer additional questions regarding CVSS at:

http://www.cisco.com/web/about/security/intelligence/cvss-qandas.html

Cisco has also provided a CVSS calculator to help compute the environmental impact for individual networks at:

http://intellishield.cisco.com/security/alertmanager/cvss

CSCsi46466 - CM 6.1 SDL router services dead when receiving abnormal

CVSS Base Score - 7.8