Vulnerabilities > CVE-2006-4032 - Unspecified vulnerability in Cisco Callmanager Express 3.0
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Unspecified vulnerability in Cisco IOS CallManager Express (CME) allows remote attackers to gain sensitive information (user names) from the Session Initiation Protocol (SIP) user directory via certain SIP messages, aka bug CSCse92417.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Hardware | 1 |
References
- http://secunia.com/advisories/21335
- http://secunia.com/advisories/21335
- http://securitytracker.com/id?1016627
- http://securitytracker.com/id?1016627
- http://www.blackhat.com/html/bh-usa-06/bh-usa-06-speakers.html#Endler
- http://www.blackhat.com/html/bh-usa-06/bh-usa-06-speakers.html#Endler
- http://www.cisco.com/warp/public/707/cisco-sr-20060802-sip.shtml
- http://www.cisco.com/warp/public/707/cisco-sr-20060802-sip.shtml
- http://www.osvdb.org/27760
- http://www.osvdb.org/27760
- http://www.securityfocus.com/bid/19309
- http://www.securityfocus.com/bid/19309
- http://www.vupen.com/english/advisories/2006/3126
- http://www.vupen.com/english/advisories/2006/3126
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28185
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28185