Vulnerabilities > CVE-2008-1743 - Resource Management Errors vulnerability in Cisco Unified Communications Manager
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Seebug
| bulletinFamily | exploit |
| description | BUGTRAQ ID: 29221 CVE(CAN) ID: CVE-2008-1744,CVE-2008-1745,CVE-2008-1746,CVE-2008-1747,CVE-2008-1748,CVE-2008-1742,CVE-2008-1743 Cisco Unified Communications Manager(CUCM,之前被称为CallManager)是Cisco IP电话解决方案中的呼叫处理组件。 CUCM中存在多个拒绝服务漏洞,可能导致语音服务中断。 以下Cisco Unified Communications Manager服务受影响: * 证书信任列表(CTL)供应程序 * 证书权威代理功能(CAPF) * 会话初始协议(SIP) * 简单网络管理协议(SNMP)Trap 证书信任列表供应程序相关漏洞 当有漏洞的Cisco Unified Communications Manager系统接收到一系列畸形TCP报文时,Cisco Unified Communications Manager 5.x版本的证书信任列表(CTL)供应程序中的内存耗尽漏洞可能导致拒绝服务。CTL Provider服务默认监听在TCP 2444端口上,是用户可配置的,也是默认启用的。这个漏洞在Cisco Bug ID中记录为CSCsj80609,所分配的CVE标识为CVE-2008-1742。 当有漏洞的Cisco Unified Communications Manager系统接收到一系列畸形TCP报文时,Cisco Unified Communications Manager 5.x和6.x版本的CTL Provider服务的内存耗尽漏洞可能导致拒绝服务。CTL Provider服务默认监听在TCP 2444端口上,是用户可配置的。这个漏洞在Cisco Bug ID中记录为CSCsi98433,所分配的CVE标识为CVE-2008-1743。 证书权威代理功能相关漏洞 Unified Communications Manager 4.1、4.2和4.3版本的证书权威代理功能(CAPF)服务在处理畸形输入时存在拒绝服务漏洞。CAPF服务默认监听在TCP 3804端口,是用户可配置的。CAPF服务默认下为禁用。这个漏洞在Cisco Bug ID中记录为CSCsk46770,所分配的CVE标识为CVE-2008-1744。 SIP相关漏洞 Cisco Unified Communications Manager的5.x和6.x在处理畸形SIP JOIN消息时存在拒绝服务漏洞。无法在Cisco Unified Communications Manager中禁用SIP处理。这个漏洞在Cisco Bug ID中记录为CSCsi48115,所分配的CVE标识为CVE-2008-1745。 Cisco Unified Communications Manager 4.1、4.2、4.3、5.x和6.x版本在处理SIP INVITE消息时存在拒绝服务漏洞。无法在Cisco Unified Communications Manager中禁用SIP处理。这个漏洞在Cisco Bug ID中记录为CSCsk46944,所分配的CVE标识为CVE-2008-1747。 Cisco Unified Communications Manager 4.1、4.2、4.3、5.x和6.x版本在处理SIP INVITE消息时存在拒绝服务漏洞。无法在Cisco Unified Communications Manager中禁用SIP处理。这个漏洞在Cisco Bug ID中记录为CSCsl22355,所分配的CVE标识为CVE-2008-1748。 SNMP Trap相关漏洞 当有漏洞的Cisco Unified Communications Manager系统接收到畸形UDP报文时,Cisco Unified Communications Manager 4.1、4.2、4.3、5.x和6.x版本的SNMP Trap代理服务会出现拒绝服务漏洞。这个漏洞在Cisco Bug ID中记录为CSCsj24113,所分配的CVE标识为CVE-2008-1746。 Cisco Unified CallManager 4.1 Cisco Unified Communications Manager 6.x Cisco Unified Communications Manager 5.x Cisco Unified Communications Manager 4.3 Cisco Unified Communications Manager 4.2 临时解决方法: * 禁用有漏洞的服务。 厂商补丁: Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20080514-cucmdos)以及相应补丁: cisco-sa-20080514-cucmdos:Cisco Unified Communications Manager Denial of Service Vulnerabilities 链接:<a href=http://www.cisco.com/warp/public/707/cisco-sa-20080514-cucmdos.shtml target=_blank>http://www.cisco.com/warp/public/707/cisco-sa-20080514-cucmdos.shtml</a> 补丁下载: <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-41?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-41?psrtdcat20e2</a> <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-42?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-42?psrtdcat20e2</a> <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-43?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-43?psrtdcat20e2</a> <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-51?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-51?psrtdcat20e2</a> <a href=http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-61?psrtdcat20e2 target=_blank>http://www.cisco.com/pcgi-bin/tablebuild.pl/callmgr-61?psrtdcat20e2</a> |
| id | SSV:3295 |
| last seen | 2017-11-19 |
| modified | 2008-05-17 |
| published | 2008-05-17 |
| reporter | Root |
| title | Cisco Unified Communications Manager多个拒绝服务漏洞 |
References
- http://secunia.com/advisories/30238
- http://securitytracker.com/id?1020022
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080995688.shtml
- http://www.securityfocus.com/bid/29221
- http://www.vupen.com/english/advisories/2008/1533
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42414