Computer Security
[EN] securityvulns.ru no-pyccku


Cisco Prime Central / Cisco Unified Communications Manager / Cisco Unified Presence Server DoS
Published:03.03.2013
Source:
SecurityVulns ID:12922
Type:remote
Threat Level:
6/10
Description:Different DoS conditions on traffic processing.
Affected:CISCO : Unified Presence Server 8.6
 CISCO : Unified Presence Server 9.0
 CISCO : Unified Presence Server 9.1
 CISCO : Prime Central for Hosted Collaboration Solution 8.6
 CISCO : Prime Central for Hosted Collaboration Solution 9.0
 CISCO : Unified Communications Manager 9.1
CVE:CVE-2013-1137 (Cisco Unified Presence Server (CUPS) 8.6, 9.0, and 9.1 before 9.1.1 allows remote attackers to cause a denial of service (CPU consumption) via crafted packets to the SIP TCP port, aka Bug ID CSCua89930.)
 CVE-2013-1135 (Cisco Prime Central for Hosted Collaboration Solution (HCS) Assurance 8.6 and 9.0 allows remote attackers to cause a denial of service (CPU consumption and monitoring outage) via malformed TLS messages to TCP port (1) 9043 or (2) 9443, aka Bug ID CSCuc07155.)
 CVE-2013-1134 (The Location Bandwidth Manager (LBM) Intracluster-communication feature in Cisco Unified Communications Manager (CUCM) 9.x before 9.1(1) does not require authentication from the remote LBM Hub node, which allows remote attackers to conduct cache-poisoning attacks against transaction records, and cause a denial of service (bandwidth-pool consumption and call outage), via unspecified vectors, aka Bug ID CSCub28920.)
 CVE-2013-1133 (Cisco Unified Communications Manager (CUCM) 8.6 before 8.6(2a)su2, 8.6 BE3k before 8.6(4) BE3k, and 9.x before 9.0(1) allows remote attackers to cause a denial of service (CPU consumption and GUI and voice outages) via malformed packets to unused UDP ports, aka Bug ID CSCtx43337.)
Files:Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities
 Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability
 Cisco Unified Presence Server Denial of Service Vulnerability

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod