CERT-In Vulnerability Note CIVN-2009-21
Cisco Unified Communications Manager CAPF Service Denial of Service Vulnerability
Original Issue Date: January 30, 2009
Severity Rating: High
Systems Affected
- Cisco Unified Communications Manager 5.x versions prior to 5.1(3e)
- Cisco Unified Communications Manager 6.x versions prior to 6.1(3)
Overview
A vulnerability has been reported in Cisco Unified Communications Manager that could allow an unauthenticated, remote attacker to create a denial of service condition.
Description
Cisco Unified Communications Manager (CUCM), formerly Cisco Unified CallManager and Cisco CallManager (CCM), is a software-based telephony call-processing system. The Certificate Authority Proxy Function (CAPF) utility is used to create and manage locally significant certificates. The CAPF utility generates a key pair and certificate that is specific to CAPF, and the utility copies this certificate to all CUCM servers in the cluster.
A vulnerability exists in the Certificate Authority Proxy Function (CAPF) service of Cisco Unified Communications Manager that may be exploited by an unauthenticated, remote attacker by sending specially crafted data to TCP port 3804, causing a denial of service condition.
Workarounds
- Disable the CAPF service if it is not necessary for business operations.
- Restrict access to TCP port 3804.
- Change the default port for the CAPF service.
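The second workaround is only as good as its enforcement, so a defender also wants to see who is actually reaching TCP port 3804. The following is an added example, not part of the CERT-In note or Cisco's advisory: it runs over constructed firewall log lines in a generic key=value format (not a Cisco log format) and flags CAPF connections from outside a hypothetical allow-list of phone and cluster subnets.

```python
import ipaddress
from collections import Counter

CAPF_PORT = 3804  # TCP port named in the advisory for the CAPF service

# Hypothetical allow-list: subnets where IP phones and CUCM cluster nodes live.
ALLOWED_SOURCES = [
    ipaddress.ip_network("10.10.20.0/24"),
    ipaddress.ip_network("10.10.30.0/24"),
]

# Constructed sample log lines (generic key=value format, not a real Cisco format).
SAMPLE_LOG = """\
ts=2009-01-30T10:00:01 proto=tcp src=10.10.20.15 dst=10.10.1.5 dport=3804 action=accept
ts=2009-01-30T10:00:02 proto=tcp src=192.0.2.77 dst=10.10.1.5 dport=3804 action=accept
ts=2009-01-30T10:00:02 proto=tcp src=192.0.2.77 dst=10.10.1.5 dport=3804 action=accept
ts=2009-01-30T10:00:03 proto=tcp src=10.10.30.8 dst=10.10.1.5 dport=443 action=accept
ts=2009-01-30T10:00:04 proto=udp src=192.0.2.77 dst=10.10.1.5 dport=3804 action=accept
"""


def parse_line(line):
    """Split one 'key=value key=value ...' log line into a dict."""
    return dict(kv.split("=", 1) for kv in line.split())


def is_allowed(src):
    """True if the source address falls inside one of the allow-listed subnets."""
    addr = ipaddress.ip_address(src)
    return any(addr in net for net in ALLOWED_SOURCES)


def find_unexpected_capf_connections(log_text):
    """Count, per source IP, accepted TCP connections to the CAPF port
    that originate outside the allow-list. UDP and other ports are ignored."""
    hits = Counter()
    for line in log_text.splitlines():
        if not line.strip():
            continue
        fields = parse_line(line)
        if fields.get("proto") != "tcp":
            continue
        if int(fields.get("dport", 0)) != CAPF_PORT:
            continue
        if not is_allowed(fields["src"]):
            hits[fields["src"]] += 1
    return hits


if __name__ == "__main__":
    for src, count in find_unexpected_capf_connections(SAMPLE_LOG).items():
        print(f"{src}: {count} unexpected CAPF connection(s)")
```

Any source that appears in the result is a candidate for tightening the port 3804 access control, or for investigation if the restriction is already in place.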
Solution
Apply the appropriate fixed versions as mentioned in the Cisco Security Advisory.
Vendor Information
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090121-cucmcapf.shtml
References
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090121-cucmcapf.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=17415
SecurityTracker
http://securitytracker.com/alerts/2009/Jan/1021620.html
SecurityFocus
http://www.securityfocus.com/bid/33379
Secunia
http://secunia.com/advisories/33588
CVE Name
CVE-2009-0057
Disclaimer
The information provided herein is on "as is" basis, without warranty of any kind.
Contact Information

Phone: +91-11-24368572
Postal address
Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003