Vulnerabilities > CVE-2009-2864 - Denial of Service vulnerability in Cisco products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423. An unauthenticated, remote attacker could exploit this vulnerability to cause the affected application to fail, resulting in a DoS condition.
Vulnerable Configurations
References
- http://osvdb.org/58344
- http://secunia.com/advisories/36836
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18883
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af8118.shtml
- http://www.securityfocus.com/bid/36496
- http://www.securitytracker.com/id?1022931
- http://www.vupen.com/english/advisories/2009/2757
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53447