Информационная безопасность
[RU] switch to English


Многочисленные уязвимости в Cisco Unified CallManager / Unified Presence Server (multiple bugs)
Опубликовано:28 марта 2007 г.
Источник:
SecurityVulns ID:7485
Тип:удаленная
Уровень опасности:
6/10
Описание:Отказ в обслуживании при разборе протокола Skinny / SCCP (TCP/2000, TCP/2443), на флуде ICMP эхо-запросов, IPSec (UDP/8500).
Затронутые продукты:CISCO : Unified CallManager 3.3
 CISCO : Unified CallManager 4.1
 CISCO : Unified CallManager 4.2
 CISCO : Unified CallManager 5.0
 CISCO : Unified Presence Server 1.0
CVE:CVE-2007-1834 (Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698.)
 CVE-2007-1833 (The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port.)
 CVE-2007-1826 (Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949.)
Оригинальный текстdocumentCISCO, [Full-disclosure] Cisco Security Advisory: Multiple Cisco Unified CallManager and Presence Server Denial of Service Vulnerabilities (28.03.2007)

О сайте | Условия использования
© SecurityVulns, 3APA3A, Владимир Дубровин
Нижний Новгород