Cisco Unified Communications Manager CTI Service Denial of Service Vulnerability
BID:29933
Info
Cisco Unified Communications Manager CTI Service Denial of Service Vulnerability
| Bugtraq ID: | 29933 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2008-2061 |
| Remote: | Yes |
| Local: | No |
| Published: | Jun 25 2008 12:00AM |
| Updated: | Apr 29 2009 07:26PM |
| Credit: | VoIPshield |
| Vulnerable: |
Cisco Unified Communications Manager 6.1(1a) Cisco Unified Communications Manager 6.1(1) Cisco Unified Communications Manager 6.1 Cisco Unified Communications Manager 6.0(1) Cisco Unified Communications Manager 6.0 (1a) Cisco Unified Communications Manager 6.0 Cisco Unified Communications Manager 5.1(3a) Cisco Unified Communications Manager 5.1(3) Cisco Unified Communications Manager 5.1(2b) Cisco Unified Communications Manager 5.1(2a) Cisco Unified Communications Manager 5.1(2) Cisco Unified Communications Manager 5.1(1) Cisco Unified Communications Manager 5.0 Cisco Unified Communications Manager 4.3(2) Cisco Unified Communications Manager 4.3(1)Sr.1 Cisco Unified Communications Manager 4.3 Cisco Unified Communications Manager 4.2(3)sr2 Cisco Unified Communications Manager 4.2 (3)SR3 Cisco Unified Communications Manager 4.2 (3)SR2b Cisco Unified CallManager 4.1(3)SR7 Cisco Unified CallManager 4.1(3)sr5 Cisco Unified CallManager 4.1(3)sr5 Cisco Unified CallManager 4.1(3)SR4 Cisco Unified CallManager 4.1 (3)SR5c Cisco Unified CallManager 4.1 (3)SR5b Cisco Unified CallManager 4.1 |
| Not Vulnerable: |
Cisco Unified Communications Manager 6.1(2) Cisco Unified Communications Manager 5.1(3C) Cisco Unified Communications Manager 4.3(2)SR1 Cisco Unified Communications Manager 4.2 (3)SR4 |
Discussion
Cisco Unified Communications Manager CTI Service Denial of Service Vulnerability
Cisco Unified Communications Manager is prone to a denial-of-service vulnerability because it fails to handle malformed input.
An attacker can exploit this issue to cause an interruption in voice services.
This issue is documented by Cisco Bug ID CSCso75027.
Cisco Unified Communications Manager is prone to a denial-of-service vulnerability because it fails to handle malformed input.
An attacker can exploit this issue to cause an interruption in voice services.
This issue is documented by Cisco Bug ID CSCso75027.
Exploit / POC
Cisco Unified Communications Manager CTI Service Denial of Service Vulnerability
To exploit this issue, attackers can use readily available network utilities.
To exploit this issue, attackers can use readily available network utilities.
Solution / Fix
Cisco Unified Communications Manager CTI Service Denial of Service Vulnerability
Solution:
The vendor has released updates. Please see the referenced advisory for more information.
Solution:
The vendor has released updates. Please see the referenced advisory for more information.
References
Cisco Unified Communications Manager CTI Service Denial of Service Vulnerability
References:
References: