Vigil@nce: Cisco Unified Communications Manager, denials of service
March 2010 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can use SCCP, SIP or CIT messages, in order to
generate denials of service on Cisco Unified Communications
Manager.
Severity: 2/4
Consequences: denial of service of service
Provenance: intranet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Number of vulnerabilities in this bulletin: 5
Creation date: 03/03/2010
IMPACTED PRODUCTS
– Cisco Unified CallManager
– Cisco Unified Communications Manager
DESCRIPTION OF THE VULNERABILITY
Five denials of service were announced in Cisco Unified
Communications Manager.
An attacker can send a SCCP (Skinny Client Control Protocol)
StationCapabilitiesRes message with a large MaxCap field, in order
to stop a process, which leads to a denial of service.
[severity:2/4; BID-38496, CSCtc38985, CVE-2010-0587]
An attacker can send a malformed SCCP (Skinny Client Control
Protocol) RegAvailableLines/FwdStatReq message, in order to stop a
process, which leads to a denial of service. [severity:2/4;
BID-38501, CSCtc47823, CVE-2010-0588]
An attacker can send a malformed SIP REGISTER message, in order to
stop a process, which leads to a denial of service. [severity:2/4;
BID-38495, CSCtc37188, CVE-2010-0590]
An attacker can send a SIP REGISTER message with a malformed phone
url, in order to stop a process, which leads to a denial of
service. [severity:2/4; BID-38498, CSCtc62362, CVE-2010-0591]
An attacker can send a malformed CIT (Computer Telephony
Integration) message on the port 2748/tcp, in order to stop CTI
Manager. [severity:2/4; BID-38497, CSCsu31800, CVE-2010-0592]
CHARACTERISTICS
Identifiers: 111579, 111803, BID-38495, BID-38496, BID-38497,
BID-38498, BID-38501, cisco-amb-20100303-cucm,
cisco-sa-20100303-cucm, CSCsu31800, CSCtc37188, CSCtc38985,
CSCtc47823, CSCtc62362, CVE-2010-0587, CVE-2010-0588,
CVE-2010-0590, CVE-2010-0591, CVE-2010-0592, VIGILANCE-VUL-9491
http://vigilance.fr/vulnerability/Cisco-Unified-Communications-Manager-denials-of-service-9491