Vulnerabilities > CVE-2007-5537 - Resource Management Errors vulnerability in Cisco products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://osvdb.org/37941
- http://secunia.com/advisories/27296
- http://www.cisco.com/en/US/products/products_security_advisory09186a00808dda34.shtml
- http://www.securityfocus.com/bid/26105
- http://www.securitytracker.com/id?1018828
- http://www.vupen.com/english/advisories/2007/3532
- https://exchange.xforce.ibmcloud.com/vulnerabilities/37246