Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-1742

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-1742
Last Modified 07 Mar 2011 10:07:34
Published 16 May 2008 08:54:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-1742

Summary

Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609.

Vulnerable Systems

Application

  • Cisco Unified Communications Manager 4.1

  • Cisco Unified Communications Manager 4.2

  • Cisco Unified Communications Manager 4.3

  • Cisco Unified Communications Manager 5.1

  • Cisco Unified Communications Manager 6.0

  • Cisco Unified Communications Manager 6.1


References

XF - cucm-ctlprovider-dos(42410)

VUPEN - ADV-2008-1533

BID - 29221

CISCO - 20080514 Cisco Unified Communications Manager Denial of Service Vulnerabilities

SECTRACK - 1020022

SECUNIA - 30238


Last Updated: 27 May 2016 10:47:38