Vulnerabilities > CVE-2013-3453 - Resource Management Errors vulnerability in Cisco Unified Communications Manager and Unified Presence

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

CWE-399

nessus

NVD

Published: 2013-08-22

Updated: 2013-08-29

Summary

Memory leak in Cisco Unified Communications Manager IM and Presence Service before 8.6(5)SU1 and 9.x before 9.1(2), and Cisco Unified Presence, allows remote attackers to cause a denial of service (memory and CPU consumption) by making many TCP connections to port (1) 5060 or (2) 5061, aka Bug ID CSCud84959.

Vulnerable Configurations

Part	Description	Count
Application	Cisco Cisco Unified Communications Manager 3.3$5$ Cisco Unified Communications Manager 3.3$5$Sr1 Cisco Unified Communications Manager 3.3$5$Sr2A Cisco Unified Communications Manager 4.1$3$ Cisco Unified Communications Manager 4.1$3$Sr1 Cisco Unified Communications Manager 4.1$3$Sr2 Cisco Unified Communications Manager 4.1$3$Sr3 Cisco Unified Communications Manager 4.1$3$Sr4 Cisco Unified Communications Manager 4.2 Cisco Unified Communications Manager 4.2.1 Cisco Unified Communications Manager 4.2.2 Cisco Unified Communications Manager 4.2.3 Cisco Unified Communications Manager 4.2.3Sr1 Cisco Unified Communications Manager 4.2.3Sr2 Cisco Unified Communications Manager 4.2.3Sr2B Cisco Unified Communications Manager 4.3 Cisco Unified Communications Manager 4.3$1$ Cisco Unified Communications Manager 5.0 Cisco Unified Communications Manager 5.1 Cisco Unified Communications Manager 5.1$1$ Cisco Unified Communications Manager 5.1$1B$ Cisco Unified Communications Manager 5.1$1C$ Cisco Unified Communications Manager 5.1$2$ Cisco Unified Communications Manager 5.1$2A$ Cisco Unified Communications Manager 5.1$2B$ Cisco Unified Communications Manager 5.1$3$ Cisco Unified Communications Manager 5.1$3A$ Cisco Unified Communications Manager 5.1$3C$ Cisco Unified Communications Manager 5.1$3D$ Cisco Unified Communications Manager 5.1$3E$ Cisco Unified Communications Manager 5.1.2 Cisco Unified Communications Manager 6.0 Cisco Unified Communications Manager 6.0$1$ Cisco Unified Communications Manager 6.0$1A$ Cisco Unified Communications Manager 6.0$1B$ Cisco Unified Communications Manager 6.1$1$ Cisco Unified Communications Manager 6.1$1A$ Cisco Unified Communications Manager 6.1$1B$ Cisco Unified Communications Manager 6.1$2$ Cisco Unified Communications Manager 6.1$2$Su1 Cisco Unified Communications Manager 6.1$2$Su1A Cisco Unified Communications Manager 6.1$3$ Cisco Unified Communications Manager 6.1$3A$ Cisco Unified Communications Manager 6.1$3B$ Cisco Unified Communications Manager 6.1$3B$Su1 Cisco Unified Communications Manager 6.1$4$ Cisco Unified Communications Manager 6.1$4$Su1 Cisco Unified Communications Manager 6.1$4A$ Cisco Unified Communications Manager 6.1$4A$Su2 Cisco Unified Communications Manager 6.1$5$ Cisco Unified Communications Manager 6.1$5$Su1 Cisco Unified Communications Manager 6.1$5$Su2 Cisco Unified Communications Manager 6.1$5$Su3 Cisco Unified Communications Manager 7.0$1$Su1 Cisco Unified Communications Manager 7.0$1$Su1A Cisco Unified Communications Manager 7.0$2$ Cisco Unified Communications Manager 7.0$2A$ Cisco Unified Communications Manager 7.0$2A$Su1 Cisco Unified Communications Manager 7.0$2A$Su2 Cisco Unified Communications Manager 7.1$2A$ Cisco Unified Communications Manager 7.1$2A$Su1 Cisco Unified Communications Manager 7.1$2B$ Cisco Unified Communications Manager 7.1$2B$Su1 Cisco Unified Communications Manager 7.1$3$ Cisco Unified Communications Manager 7.1$3A$ Cisco Unified Communications Manager 7.1$3A$Su1 Cisco Unified Communications Manager 7.1$3A$Su1A Cisco Unified Communications Manager 7.1$3B$ Cisco Unified Communications Manager 7.1$3B$Su1 Cisco Unified Communications Manager 7.1$3B$Su2 Cisco Unified Communications Manager 7.1$5$ Cisco Unified Communications Manager 7.1$5$Su1 Cisco Unified Communications Manager 7.1$5$Su1A Cisco Unified Communications Manager 7.1$5A$ Cisco Unified Communications Manager 7.1$5B$ Cisco Unified Communications Manager 7.1$5B$Su1 Cisco Unified Communications Manager 7.1$5B$Su1A Cisco Unified Communications Manager 7.1$5B$Su2 Cisco Unified Communications Manager 7.1$5B$Su3 Cisco Unified Communications Manager 7.1$5B$Su4 Cisco Unified Communications Manager 7.1$5B$Su5 Cisco Unified Communications Manager 7.1$5B$Su6 Cisco Unified Communications Manager 8.0 Cisco Unified Communications Manager 8.0$1$ Cisco Unified Communications Manager 8.0$2$ Cisco Unified Communications Manager 8.0$2A$ Cisco Unified Communications Manager 8.0$2B$ Cisco Unified Communications Manager 8.0$2C$ Cisco Unified Communications Manager 8.0$2C$Su1 Cisco Unified Communications Manager 8.0$3$ Cisco Unified Communications Manager 8.0$3A$ Cisco Unified Communications Manager 8.0$3A$Su1 Cisco Unified Communications Manager 8.0$3A$Su2 Cisco Unified Communications Manager 8.0$3A$Su3 Cisco Unified Communications Manager 8.5 Cisco Unified Communications Manager 8.5$1$ Cisco Unified Communications Manager 8.5$1$Su1 Cisco Unified Communications Manager 8.5$1$Su2 Cisco Unified Communications Manager 8.5$1$Su3 Cisco Unified Communications Manager 8.5$1$Su4 Cisco Unified Communications Manager 8.5$1$Su5 Cisco Unified Communications Manager 8.6 Cisco Unified Communications Manager 8.6$1$ Cisco Unified Communications Manager 8.6$1A$ Cisco Unified Communications Manager 8.6$2$ Cisco Unified Communications Manager 8.6$2A$ Cisco Unified Communications Manager 8.6$2A$Su1 Cisco Unified Communications Manager 8.6$2A$Su2 Cisco Unified Communications Manager 8.6$2A$Su3 Cisco Unified Communications Manager 8.6$3$ Cisco Unified Communications Manager - Cisco Unified Communications Manager 4.1 Cisco Unified Communications Manager 4.1$3$Sr6 Cisco Unified Communications Manager 4.1$3$Sr7 Cisco Unified Communications Manager 4.2$3$Sr3 Cisco Unified Communications Manager 4.2$3$Sr4 Cisco Unified Communications Manager 4.3$2$ Cisco Unified Communications Manager 4.3$2$Sr1 Cisco Unified Communications Manager 6.1$4B$ Cisco Unified Communications Manager 7.1$1$ Cisco Unified Communications Manager 7.1$2$ Cisco Unified Communications Manager 8.0_Base Cisco Unified Communications Manager 8.5.1 Cisco Unified Communications Manager 8.5_Base Cisco Unified Communications Manager 8.6$4$ Cisco Unified Communications Manager 9.0$1$ Cisco Unified Communications Manager 9.1$1$ Cisco Unified Communications Manager 9.1$1A$ Cisco Unified Presence -	129

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Nessus

NASL family	CISCO
NASL id	CISCO-SA-20130821-CUPS.NASL
description	According to its self-reported version, the version of Cisco Unified Communications Manager IM and Presence Server installed on the remote host has a denial of service vulnerability. An unauthenticated, remote attacker could exploit this by creating a large number of connections to the SIP ports (TCP 5060, and 5061) on the device resulting in excessive memory consumption. The device must be restarted to fix the denial of service condition.
last seen	2020-06-01
modified	2020-06-02
plugin id	69553
published	2013-09-03
reporter	This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/69553
title	Cisco Unified Communications Manager IM and Presence Server DoS (cisco-sa-20130821-cup)
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(69553); script_version("1.5"); script_cvs_date("Date: 2018/11/15 20:50:20"); script_cve_id("CVE-2013-3453"); script_bugtraq_id(61917); script_xref(name:"CISCO-SA", value:"cisco-sa-20130821-cup"); script_xref(name:"IAVB", value:"2013-B-0094"); script_name(english:"Cisco Unified Communications Manager IM and Presence Server DoS (cisco-sa-20130821-cup)"); script_summary(english:"Checks CUPS version"); script_set_attribute( attribute:"synopsis", value:"The remote host is missing a vendor-supplied security patch." ); script_set_attribute( attribute:"description", value: "According to its self-reported version, the version of Cisco Unified Communications Manager IM and Presence Server installed on the remote host has a denial of service vulnerability. An unauthenticated, remote attacker could exploit this by creating a large number of connections to the SIP ports (TCP 5060, and 5061) on the device resulting in excessive memory consumption. The device must be restarted to fix the denial of service condition." ); # https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?93e4153f"); script_set_attribute( attribute:"solution", value:"Upgrade to Cisco Unified Presence Server 8.6(5)SU1 / 9.1(2) or later." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available"); script_set_attribute(attribute:"exploit_available", value:"false"); script_set_attribute(attribute:"vuln_publication_date", value:"2013/08/21"); script_set_attribute(attribute:"patch_publication_date", value:"2013/08/21"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/09/03"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_communications_manager"); script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:unified_presence_server"); script_set_attribute(attribute:"stig_severity", value:"I"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CISCO"); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/UCOS/Cisco Unified Presence/version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); display_version = get_kb_item_or_exit('Host/UCOS/Cisco Unified Presence/version'); match = eregmatch(string:display_version, pattern:'^([0-9.]+(?:-[0-9]+)?)($\|[^0-9])'); if (isnull(match)) # this should not happen audit(AUDIT_FN_FAIL, 'eregmatch'); else version = match[1]; version = str_replace(string:version, find:"-", replace:"."); # the advisory says: # Fixed versions are 8.6(5)SU1 for version 8.6, # and 9.1(2) for version 9.0.x/9.1.x. # 8.6.5SU1 is not available for download yet, # but latest version available is 8.6(5), which # is 8.6.5.10000-12 # 9.1(2) is not available for download yet, # but latest version available is 9.1.1SU1, which # is 9.1.1.31900-1 if (version =~ "^8\.6\." && ver_compare(ver:version, fix:'8.6.5.10000', strict:FALSE) <= 0) fix = '8.6.5.11900-1'; else if (version =~ "^9\.[01]\." && ver_compare(ver:version, fix:'9.1.1.31900', strict:FALSE) <= 0) fix = '9.1.2'; else audit(AUDIT_INST_VER_NOT_VULN, 'CUPS', display_version); if (report_verbosity > 0) { report = '\n Installed version : ' + display_version + '\n Fixed version : ' + fix + '\n'; security_hole(port:0, extra:report); } else security_hole(0);

References

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20130821-cup