Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0368

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2006-0368
Last Modified 07 Mar 2011 09:29:54
Published 22 Jan 2006 03:03:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0368

Summary

Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.

Vulnerable Systems


References

SECUNIA - 18494

VUPEN - ADV-2006-0249

BID - 16295

CISCO - 20060118 Cisco Call Manager Denial of Service

XF - cisco-callmanager-port-connection-dos(24180)

OSVDB - 22623

OSVDB - 22622

SECTRACK - 1015503

SREASON - 359


Last Updated: 27 May 2016 10:41:38