Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4543

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2008-4543
Last Modified 07 Mar 2011 10:12:38
Published 13 Oct 2008 04:00:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4543

Summary

Cisco Unity 4.x before 4.2(1)ES161, 5.x before 5.0(1)ES53, and 7.x before 7.0(2)ES8, when using anonymous authentication (aka native Unity authentication), allows remote attackers to cause a denial of service (session exhaustion) via a large number of connections.

Vulnerable Systems

Application

  • Cisco Unity 4.0

  • Cisco Unity 4.0%281%29

  • Cisco Unity 4.0%282%29

  • Cisco Unity 4.0%283%29

  • Cisco Unity 4.0%284%29

  • Cisco Unity 4.0%285%29

  • Cisco Unity 4.1%281%29

  • Cisco Unity 4.2%281%29

  • Cisco Unity 5.0

  • Cisco Unity 5.0%281%29

  • Cisco Unity 7.0

  • Cisco Unity 7.0%282%29


References

XF - cisco-unityserver-session-handling-dos(45743)

VUPEN - ADV-2008-2771

MISC - http://www.voipshield.com/research-details.php?id=128

BID - 31642

CISCO - 20081008 VoIPshield Reported Vulnerabilities in Cisco Unity Server

SECTRACK - 1021013

SECUNIA - 32187


Last Updated: 27 May 2016 10:48:32