CVSS: 7.8EPSS: 1%CPEs: 2EXPL: 0CVE-2008-1743
https://notcve.org/view.php?id=CVE-2008-1743
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider service de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) y 6.x versiones anteriores a 6.1(1) permite a atacantes remotos provocar una denegación de servicio (consumo excesivo de memoria e interrupción del servicio) a través de una serie de paquetes TCP malformados, también conocido como Bug ID CSCsi98433. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42414 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 2%CPEs: 13EXPL: 0CVE-2008-1742
https://notcve.org/view.php?id=CVE-2008-1742
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609. Fugas de memoria en el servicio Certificate Trust List (CTL) Provider de Cisco Unified Communications Manager (CUCM) 5.x versiones anteriores a 5.1(3) permite a atacantes remotos provocar una denegación de servicio (consumo excesivo de memoria e interrupción del servicio) a través de una serie de paquetes TCP malformados, como lo demostrado por TCPFUZZ, también conocido como Bug ID CSCsj80609. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42410 • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 1%CPEs: 5EXPL: 0CVE-2008-1747
https://notcve.org/view.php?id=CVE-2008-1747
Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944. Vulnerabilidad no especificada en Cisco Unified Communications Manager 4.1 versiones anteriores a 4.1(3)SR6, 4.2 versiones anteriores a 4.2(3)SR3, 4.3 versiones anteriores a 4.3(2), 5.x versiones anteriores a 5.1(3), y 6.x versiones anteriores a 6.1(1) permite a atacantes remotos provocar una denegación de servicio (reinicio servicio CCM) a través de un mensaje SIP INVITE sin especificar, también conocido como Bug ID CSCsk46944. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42418 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 2%CPEs: 20EXPL: 0CVE-2008-1744
https://notcve.org/view.php?id=CVE-2008-1744
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770. El servicio Certificate Authority Proxy Function (CAPF) service de Cisco Unified Communications Manager (CUCM) 4.1 versiones anteriores a 4.1(3)SR7, 4.2 versiones anteriores a 4.2(3)SR4, y 4.3 versiones anteriores a 4.3(2) permite a atacantes remotos provocar una denegación de servicio (caída del servicio) a través de tráfico de red malformado, también conocido como Bug ID CSCsk46770. • http://secunia.com/advisories/30238 http://securitytracker.com/id?1020022 http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml http://www.securityfocus.com/bid/29221 http://www.vupen.com/english/advisories/2008/1533 https://exchange.xforce.ibmcloud.com/vulnerabilities/42415 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 11%CPEs: 8EXPL: 0CVE-2008-1154
https://notcve.org/view.php?id=CVE-2008-1154
The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. El Disaster Recovery Framework (DRF) Master Server en productos Cisco Unified Communications, incluyendo Unified Communications Manager (CUCM) 5.x y 6.x, Unified Presence 1.x y 6.x, Emergency Responder 2.x, y Mobility Manager 2.x, no requiere autenticación para las peticiones recibidas desde la red, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados. • http://secunia.com/advisories/29670 http://securitytracker.com/id?1019768 http://www.cisco.com/en/US/products/products_security_advisory09186a008096fd9a.shtml http://www.securityfocus.com/bid/28591 http://www.vupen.com/english/advisories/2008/1093 https://exchange.xforce.ibmcloud.com/vulnerabilities/41632 • CWE-287: Improper Authentication •