CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0CVE-2008-1742
https://notcve.org/view.php?id=CVE-2008-1742
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) permite a atacantes remotos provocar una denegación de servicio (consumo excesivo de memoria e interrupción del servicio) a través de una serie de paquetes TCP malformados, como lo demostrado por TCPFUZZ, también conocido como Bug ID CSCsj80609. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42410 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2008-1747
https://notcve.org/view.php?id=CVE-2008-1747
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944. Vulnerabilidad no especificada en Cisco Unified Communications Manager 4.1 versiones anteriores a 4.1(3)SR6, 4.2 versiones anteriores a 4.2(3)SR3, 4.3 versiones anteriores a 4.3(2), 5.x versiones anteriores a 5.1(3), y 6.x versiones anteriores a 6.1(1) permite a atacantes remotos provocar una denegación de servicio (reinicio servicio CCM) a través de un mensaje SIP INVITE sin especificar, también conocido como Bug ID CSCsk46944. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42418 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 18%CPEs: 9EXPL: 0CVE-2008-0027
https://notcve.org/view.php?id=CVE-2008-0027
Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. Desbordamiento de búfer basado en pila en el servicio proveedor de Listas de Certificados Confiables (CTL, Certificate Trust List) (CTLProvider.exe) en Cisco Unified Communications Manager (CUCM) 4.2 anterior a 4.2(3)SR3 y 4.3 anterior a 4.3(1)SR1, y CallManager 4.0 y 4.1 anterior a 4.1(3)SR5c, permite a atacantes remotos provocar una denegación de servicio o ejecutar código de su elección mediante una petición larga. • http://dvlabs.tippingpoint.com/advisory/TPTI-08-02 http://secunia.com/advisories/28530 http://securityreason.com/securityalert/3551 http://www.cisco.com/en/US/products/products_security_advisory09186a0080932c61.shtml http://www.securityfocus.com/archive/1/486432/100/0/threaded http://www.securityfocus.com/bid/27313 http://www.securitytracker.com/id?1019223 http://www.vupen.com/english/advisories/2008/0171 https://exchange.xforce.ibmcloud.com/vulnerabilities/39704 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 3%CPEs: 2EXPL: 0CVE-2007-5537
https://notcve.org/view.php?id=CVE-2007-5537
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. Cisco Unified communications Manager (CUCM, anteriormente CallManager) 5.1 anterior a 5.1(2), y Unified CallManager 5.0, permiten a atacantes remotos provocar una denegación de servicio (kernel panic) mediante una inundación de mensajes SIP INVITE al puerto UDP 5060, lo cual dispara un agotamiento de recursos, también conocida como, CSCsi75822. • http://osvdb.org/37941 http://secunia.com/advisories/27296 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml http://www.securityfocus.com/bid/26105 http://www.securitytracker.com/id?1018828 http://www.vupen.com/english/advisories/2007/3532 https://exchange.xforce.ibmcloud.com/vulnerabilities/37246 • CWE-399: Resource Management Errors •
CVSS: 10.0EPSS: 8%CPEs: 2EXPL: 0CVE-2007-5538
https://notcve.org/view.php?id=CVE-2007-5538
Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. Desbordamiento de búfer en Centralized TFTP File Locator Service de Cisco Unified Communications Manager (CUCM, antes conocido como CallManager) 5.1 anterior a 5.1(3), y Unified CallManager 5.0, permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio mediante vectores no especificados que implican el procesamiento de nombres de fichero, también conocido como CSCsh47712. • http://osvdb.org/37940 http://secunia.com/advisories/27296 http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml http://www.securityfocus.com/bid/26105 http://www.securitytracker.com/id?1018828 http://www.vupen.com/english/advisories/2007/3532 https://exchange.xforce.ibmcloud.com/vulnerabilities/37247 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •