CVE-2010-0587
https://notcve.org/view.php?id=CVE-2010-0587
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. Cisco Unified Communications Manager (tambien conocido como CUCM, anteriormente CallManager) v4.x anteriores a v4.3(2)SR2, v6.x anteriores a v6.1(5), v7.x anteriores a v7.1(3a)su1, y v8.x anteriores a v8.0(1) permite a atacantes remotos producir una denegación de servicio (fallo de proceso) a través de un mensaje SCCP StationCapabilitiesRes, con un campo MaxCap invalido, también conocido como Bug ID CSCtc38985. • http://securitytracker.com/id?1023670 http://www.cisco.com/en/US/products/products_security_advisory09186a0080b1b924.shtml http://www.securityfocus.com/bid/38496 •
CVE-2009-2865
https://notcve.org/view.php?id=CVE-2009-2865
Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779. Desbordamiento de búfer en la implementación del inicio de sesión de la característica "Extension Mobility" del componente "Unified Communications Manager Express" (CME) de Cisco IOS v12.4XW, v12.4XY, v12.4XZ y v12.4YA. Permite a usuarios remotos ejecutar código de su elección o provocar una denegación de servicio a través de peticiones HTTP modificadas. También conocido como Bug ID CSCsq58779. • http://osvdb.org/58335 http://tools.cisco.com/security/center/viewAlert.x?alertId=18884 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8116.shtml http://www.securityfocus.com/bid/36498 http://www.securitytracker.com/id?1022932 http://www.vupen.com/english/advisories/2009/2758 https://exchange.xforce.ibmcloud.com/vulnerabilities/53448 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-2864
https://notcve.org/view.php?id=CVE-2009-2864
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423. Cisco Unified Communications Manager (también conocido como CUCM, antiguamente como CallManager) v5.x anterior a v5.1(3g), v6.x anterior a v6.1(4), v7.0.x anterior a v7.0(2a)su1 y v7.1.x anterior a v7.1(2) permite a usuarios remotos provocar una denegación del servicio (reinicio del servicio) a través de mensajes SIP malformados. También conocido como Bug ID CSCsz95423. • http://osvdb.org/58344 http://secunia.com/advisories/36836 http://tools.cisco.com/security/center/viewAlert.x?alertId=18883 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml http://www.securityfocus.com/bid/36496 http://www.securitytracker.com/id?1022931 http://www.vupen.com/english/advisories/2009/2757 https://exchange.xforce.ibmcloud.com/vulnerabilities/53447 •
CVE-2009-2051
https://notcve.org/view.php?id=CVE-2009-2051
Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. Cisco Unified Communications Manager (también conocido como CUCM, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores v6.1(4), y v7.x anteriores v7.1(2) permite a los atacantes remotos causar una denegación de servicio (parada del servicio de voz) a través de mensajes malformados SIP INVITE que lanzan una llamada incorrecta a la función sipSafeStrlen, también conocida como Bug ID CSCsz40392. • http://osvdb.org/57453 http://secunia.com/advisories/36498 http://secunia.com/advisories/36499 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml http://www.cisco.com/en/US/products/products_security_advisory09186a0080b4a30f.shtml http://www.securityfocus.com/bid/36152 http://www.securitytracker.com/id?1022775 •
CVE-2009-2053
https://notcve.org/view.php?id=CVE-2009-2053
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. Cisco Unified Communications Manager (también conocido, formalmente CallManager) v4.x, v5.x anteriores a v5.1(3g), v6.x anteriores a v6.1(4), v7.0 anteriores a v7.0(2a)su1, y v7.1 anteriores a v7.1(2) permite a los atacantes remotos causar una denegación de servicio (agotamiento del descriptor de fichero y parada SCCP) a través de la inundación de paquetes TCP, también conocido como Bug ID CSCsx32236. • http://osvdb.org/57455 http://secunia.com/advisories/36498 http://secunia.com/advisories/36499 http://www.cisco.com/en/US/products/products_security_advisory09186a0080af2d11.shtml http://www.securityfocus.com/bid/36152 http://www.securitytracker.com/id?1022775 •