CVE-2008-1742

Published May 16, 2008

Last updated 8 years ago

CVSS info 7.8

Overview

Description: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609.
Source: ykramarz@cisco.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.8
Impact score: 6.9
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:N/I:N/A:C

Weaknesses

nvd@nist.gov: CWE-399

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E29A61E-334B-4F95-9B47-8F53A4DB3EB0"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E6C20851-DC17-4E89-A6C1-D1B52D47608F"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:4.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "577571D6-AC59-4A43-B9A5-7B6FC6D2046C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(1\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B860F1E1-E295-4B71-B396-14286611EA36"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(2\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E194E6EC-282D-4C8E-96E3-00D64FCD8C6C"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(2a\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5B2EA451-EE18-440A-924A-556A2EC74300"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(2b\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8950C510-38F3-4040-8871-C085DDECF5B3"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:5.1:\\(3a\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7101A008-3F3C-4ABB-B4FC-25BDA8809C87"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "819AE879-5BF9-494E-8905-1E1E867EB5A9"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:\\(1\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "156F822A-08CB-4EE2-9054-18F649D96C39"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.0:\\(1a\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "53CBD1E5-46C6-4F31-867A-118227EB0473"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6BC6EF34-D23D-45CA-A907-A47993CC061E"
          },
          {
            "criteria": "cpe:2.3:a:cisco:unified_communications_manager:6.1:\\(1a\\):*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8E8F77F9-05C3-4B66-9022-7B227F97978C"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References