CERT-In Advisory CIAD-2007-57
Cisco Unified Communications Manager Denial of Service Vulnerabilities

Original issue date: October 24, 2007

Severity Rating: High

Systems Affected

  • Cisco Unified Call Manager 5.0 versions and Communications Manager 5.1 versions prior to 5.1(2) - two vulnerabilities, DoS and TFTP overflow.
  • Cisco Unified Communications Manager version 5.1(2) - TFTP service overflow vulnerability.

Overview

Vulnerabilities exist in Cisco Unified Communications Manager which could be exploited to cause a denial of service or a buffer overflow. Successful exploitation of these vulnerabilities allows remote attackers to crash affected devices by triggering kernel panics, or to execute arbitrary machine code.

Description

Cisco Unified Communications Manager (CUCM), formerly Call Manager, is the call-processing component of Cisco IP Telephony. Two vulnerabilities have been found in Cisco Unified Communications Manager (CUCM), which can be exploited by malicious people to cause a Denial of Service (DoS) or compromise a vulnerable system.

1. A boundary error in the Centralized TFTP File Locator Service of CUCM TFTP when processing filenames can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code.

2. An error when processing SIP INVITE messages can be exploited to cause resource exhaustion, e.g. by flooding a CUCM system with SIP INVITE messages to the default port 5060/UDP.

Workaround

Applying appropriate access lists (restricting SIP signalling on 5060/UDP and TFTP on 69/UDP to trusted hosts) may mitigate the vulnerabilities.
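An illustration of such an access list, added here as an example and not taken from the Cisco advisory: a Cisco IOS extended ACL applied on the router interface in front of the CUCM server. All addresses, the interface name and the ACL name are placeholders (RFC 5737 documentation ranges) and must be replaced with the site's own SIP trunk peers, phone VLAN and CUCM address.

```cisco
! Placeholder addresses: CUCM server 198.51.100.5, SIP trunk peer 192.0.2.10,
! IP phone VLAN 10.10.20.0/24. Replace with the real deployment values.
ip access-list extended CUCM-PROTECT
 remark SIP signalling (5060) only from the known trunk peer
 permit udp host 192.0.2.10 host 198.51.100.5 eq 5060
 permit tcp host 192.0.2.10 host 198.51.100.5 eq 5060
 remark TFTP (69) only from the phone VLAN that downloads configs
 permit udp 10.10.20.0 0.0.0.255 host 198.51.100.5 eq 69
 remark Log everything else aimed at the vulnerable services
 deny   udp any host 198.51.100.5 eq 5060 log
 deny   tcp any host 198.51.100.5 eq 5060 log
 deny   udp any host 198.51.100.5 eq 69 log
 remark Leave other traffic to the existing policy
 permit ip any any
!
interface GigabitEthernet0/1
 description Link towards the CUCM server segment
 ip access-group CUCM-PROTECT in
```

The `log` keyword on the deny entries produces syslog messages that can be counted per source to spot an INVITE flood attempt while the upgrade is pending; phones registering over SCCP or SIP from other subnets need their own permit entries before the deny lines.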

Solution

  • Upgrade to the latest version of OpenSSL (0.9.8f)
  • Upgrade to the latest version of OpenSSL (0.9.8f) and rebuild all packages using OpenSSL for DTLS

Vendor Information

Cisco
http://www.cisco.com/warp/public/707/cisco-sa-20071017-ucm.shtml

References

SecurityFocus
http://www.securityfocus.com/bid/26105

Secunia
http://secunia.com/advisories/27296/

FrSirt
http://www.frsirt.com/english/advisories/2007/3532

CVE-Name
CVE-2007-5537
CVE-2007-5538

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information

Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003