fkie_cve-2009-0057
Vulnerability from fkie_nvd
Published
2009-01-22 18:30
Modified
2024-11-21 00:58
Severity ?
Summary
The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely."
References
psirt@cisco.comhttp://secunia.com/advisories/33588Vendor Advisory
psirt@cisco.comhttp://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtmlVendor Advisory
psirt@cisco.comhttp://www.securityfocus.com/bid/33379
psirt@cisco.comhttp://www.securitytracker.com/id?1021620
psirt@cisco.comhttp://www.vupen.com/english/advisories/2009/0213
psirt@cisco.comhttps://exchange.xforce.ibmcloud.com/vulnerabilities/48139
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/33588Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtmlVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/33379
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021620
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/0213
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/48139
Impacted products
Vendor Product Version
cisco unified_communications_manager 5.0
cisco unified_communications_manager 5.0_1
cisco unified_communications_manager 5.0_2
cisco unified_communications_manager 5.0_3
cisco unified_communications_manager 5.0_3a
cisco unified_communications_manager 5.0_4
cisco unified_communications_manager 5.0_4a
cisco unified_communications_manager 5.0_4a_su1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1
cisco unified_communications_manager 5.1\(1\)
cisco unified_communications_manager 5.1\(2\)
cisco unified_communications_manager 5.1\(3c\)
cisco unified_communications_manager 5.1.2
cisco unified_communications_manager 5.1_\(2a\)
cisco unified_communications_manager 5.1_1
cisco unified_communications_manager 5.1_2
cisco unified_communications_manager 5.1_2a
cisco unified_communications_manager 5.1_2b
cisco unified_communications_manager 5.1_3a
cisco unified_communications_manager 6.0
cisco unified_communications_manager 6.0
cisco unified_communications_manager 6.0
cisco unified_communications_manager 6.0_1
cisco unified_communications_manager 6.0_1a
cisco unified_communications_manager 6.1
cisco unified_communications_manager 6.1
cisco unified_communications_manager 6.1\(2\)
cisco unified_communications_manager 6.1.0
cisco unified_communications_manager 6.1_1a


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B2AF68FA-433F-46F2-B309-B60A108BECFA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE62DB5-943D-43B5-BD13-D74DAA122578",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D2D76BC6-1A59-4D74-A7C9-8C05D96E01F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_3:*:*:*:*:*:*:*",
              "matchCriteriaId": "788BDB54-0970-468F-9713-14B097E1A863",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "3CAE1371-F46C-4DFD-A4A4-D609E93C4740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_4:*:*:*:*:*:*:*",
              "matchCriteriaId": "E7AC2F39-C029-4FAB-A963-0C7F1D5A8067",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_4a:*:*:*:*:*:*:*",
              "matchCriteriaId": "62781360-15FC-4E40-AEF8-BF01606A671B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.0_4a_su1:*:*:*:*:*:*:*",
              "matchCriteriaId": "08E03DCC-4DCB-4830-943F-05F7E3BB49EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "640BFEE2-B364-411E-B641-7471B88ED7CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(1\\):*:*:*:*:*:*",
              "matchCriteriaId": "B860F1E1-E295-4B71-B396-14286611EA36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(2\\):*:*:*:*:*:*",
              "matchCriteriaId": "E194E6EC-282D-4C8E-96E3-00D64FCD8C6C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(2a\\):*:*:*:*:*:*",
              "matchCriteriaId": "5B2EA451-EE18-440A-924A-556A2EC74300",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(2b\\):*:*:*:*:*:*",
              "matchCriteriaId": "8950C510-38F3-4040-8871-C085DDECF5B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(3a\\):*:*:*:*:*:*",
              "matchCriteriaId": "7101A008-3F3C-4ABB-B4FC-25BDA8809C87",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:5.1\\(1\\):*:*:*:*:*:*",
              "matchCriteriaId": "CDEF7B2B-66CB-4C92-B678-859693C8C890",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:5.1_\\(2a\\):*:*:*:*:*:*",
              "matchCriteriaId": "8AA0378D-5EE0-4BD6-BB33-7DF01F830DDC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(1\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "1B9FDFF3-2E60-4E41-9251-93283D945D94",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "239510AD-8BB0-4515-B1DA-80DE696D25DD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1\\(3c\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "84A49932-1E22-4BE0-8195-926D44F65AAA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E51D8BF-12BB-4DD1-9232-1D066889B30F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_\\(2a\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "AD2935E2-7340-4B49-8B5D-C7801FD605C4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "2740B5E5-E8D2-491E-B174-A1A9DF812418",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_2:*:*:*:*:*:*:*",
              "matchCriteriaId": "60D93DAA-0ED6-4DA5-B7A5-50D5567A6178",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_2a:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEA1ABD3-D076-4CA6-A12D-3C3BB5080B1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "54B14EC5-4391-4698-BF6F-2726FD28D318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1_3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5F1270F-DBF6-4938-A1A0-732EE52C83E6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:\\(1\\):*:*:*:*:*:*",
              "matchCriteriaId": "156F822A-08CB-4EE2-9054-18F649D96C39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:\\(1a\\):*:*:*:*:*:*",
              "matchCriteriaId": "53CBD1E5-46C6-4F31-867A-118227EB0473",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0_1:*:*:*:*:*:*:*",
              "matchCriteriaId": "05F443F9-B454-42B3-8464-ACEA40066DF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0_1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FBF1FDC-7096-4EE6-B9A2-0C9971F407D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:\\(1a\\):*:*:*:*:*:*",
              "matchCriteriaId": "8E8F77F9-05C3-4B66-9022-7B227F97978C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1\\(2\\):*:*:*:*:*:*:*",
              "matchCriteriaId": "597D9674-F44D-4A31-A2F2-2790ED698A91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "42F3870B-5DE9-4E3E-BEA7-863916DD45DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1_1a:*:*:*:*:*:*:*",
              "matchCriteriaId": "047E45A0-C0F0-4900-B5FB-8F0A5852732D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the \"client terminates prematurely.\""
    },
    {
      "lang": "es",
      "value": "El servicio Certificate Authority Proxy Function (CAPF) en Cisco Unified Communications Manager 5.x antes de 5.1(3e) y 6.x antes de 6.1(3) permite a atacantes remotos provocar una denegaci\u00f3n de servicio (parada del servicio de voz) mediante el env\u00edo de entradas malformadas sobre una sesi\u00f3n TCP en la que el \"cliente termina prematuramente.\""
    }
  ],
  "id": "CVE-2009-0057",
  "lastModified": "2024-11-21T00:58:57.983",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-01-22T18:30:03.813",
  "references": [
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33588"
    },
    {
      "source": "psirt@cisco.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/33379"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1021620"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2009/0213"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48139"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/33588"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a61928.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/33379"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1021620"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2009/0213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/48139"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.