Page 2 of 13 results (0.007 seconds)

CVSS: 9.3EPSS: 6%CPEs: 6EXPL: 0

Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. Error de superación de límite (off-by-one) en el servicio Certificate Trust List (CTL) Provider (CTLProvider.exe) de Cisco Unified Communications Manager (CUCM, anteriormente CallManager) anterior al 11/07/2007 permite a atacantes remotos ejecutar código de su elección mediante un paquete manipulado que dispara un desbordamiento de búfer basado en montículo. • http://secunia.com/advisories/26043 http://securitytracker.com/id?1018369 http://www.cisco.com/warp/public/707/cisco-sa-20070711-cucm.shtml http://www.iss.net/threats/270.html http://www.osvdb.org/36122 http://www.securityfocus.com/bid/24868 http://www.vupen.com/english/advisories/2007/2512 https://exchange.xforce.ibmcloud.com/vulnerabilities/31437 •

CVSS: 7.8EPSS: 2%CPEs: 9EXPL: 0

Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegación de servicio (pérdida de servicios de voz) mediante una inundación de peticiones de eco ICMP, también conocido como bug ID CSCsf12698. • http://secunia.com/advisories/24690 http://securitytracker.com/id?1017826 http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml http://www.securityfocus.com/bid/23181 http://www.vupen.com/english/advisories/2007/1144 https://exchange.xforce.ibmcloud.com/vulnerabilities/33299 •

CVSS: 5.0EPSS: 10%CPEs: 25EXPL: 0

The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. La implementación del protocolo Skinny Call Control (SCCP) para el Cisco Unified CallManager (CUCM) 3.3 anterior al 3.3(5)SR2a, 4.1 anterior al 4.1(3)SR4, 4.2 anterior al 4.2(3)SR1 y 5.0 anterior al 5.0(4a)SU1 permite a atacantes remotos provocar una denegación de servicio (pérdida del servicio de voz) mediante el envío de paquetes modificados al puerto (1) SCCP (2000/tcp) o (2) SCCPS (2443/tcp). • http://secunia.com/advisories/24665 http://securitytracker.com/id?1017826 http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml http://www.securityfocus.com/bid/23181 http://www.vupen.com/english/advisories/2007/1144 https://exchange.xforce.ibmcloud.com/vulnerabilities/33295 •

CVSS: 7.8EPSS: 2%CPEs: 9EXPL: 0

Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949. Vulnerabilidad no especificada en en el servicio IPSec Manager para Cisco Unified CallManager (CUCM) 5.0 anterior a 5.0(4a)SU1 y Cisco Unified Presence Server (CUPS) 1.0 anterior a 1.0(3) permite a atacantes remotos provocar una denegación de servicio (pérdida de servicios de clúster) mediante un "paquete UDP específico" al puerto UDP 8500, también conocido como bug ID CSCSG60949. • http://osvdb.org/34919 http://secunia.com/advisories/24690 http://securitytracker.com/id?1017826 http://www.cisco.com/warp/public/707/cisco-sa-20070328-voip.shtml http://www.securityfocus.com/bid/23181 http://www.vupen.com/english/advisories/2007/1144 https://exchange.xforce.ibmcloud.com/vulnerabilities/33302 •

CVSS: 7.8EPSS: 2%CPEs: 11EXPL: 0

Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. Cisco Security Agent (CSA) para Linux 4.5 anteriores a 4.5.1.657 y 5.0 anteriores a 5.0.0.193, tal y como se usan en Unified CallManager (CUCM) y Unified Presence Server (CUPS), permite a atacantes remotos provocar una denegación de servicio (resource consumption) mediante una exploración de puertos con opciones concretas. • http://secunia.com/advisories/22574 http://securitytracker.com/id?1017118 http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml http://www.osvdb.org/30055 http://www.securityfocus.com/bid/20737 http://www.vupen.com/english/advisories/2006/4198 https://exchange.xforce.ibmcloud.com/vulnerabilities/29829 •