Vulnerability Details CVE-2006-0368
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.028
EPSS Ranking 85.2%
CVSS Severity
CVSS v2 Score 7.8
References
- http://secunia.com/advisories/18494
- http://securityreason.com/securityalert/359
- http://securitytracker.com/id?1015503
- http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
- http://www.osvdb.org/22622
- http://www.osvdb.org/22623
- http://www.securityfocus.com/bid/16295
- http://www.vupen.com/english/advisories/2006/0249
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24180
- http://secunia.com/advisories/18494
- http://securityreason.com/securityalert/359
- http://securitytracker.com/id?1015503
- http://www.cisco.com/warp/public/707/cisco-sa-20060118-ccmdos.shtml
- http://www.osvdb.org/22622
- http://www.osvdb.org/22623
- http://www.securityfocus.com/bid/16295
- http://www.vupen.com/english/advisories/2006/0249
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24180
Products affected by CVE-2006-0368
-
cpe:2.3:h:cisco:call_manager:-
-
cpe:2.3:h:cisco:call_manager:1.0
-
cpe:2.3:h:cisco:call_manager:2.0
-
cpe:2.3:h:cisco:call_manager:3.0
-
cpe:2.3:h:cisco:call_manager:3.1
-
cpe:2.3:h:cisco:call_manager:3.1(2)
-
cpe:2.3:h:cisco:call_manager:3.1(3a)
-
cpe:2.3:h:cisco:call_manager:3.2
-
cpe:2.3:h:cisco:call_manager:3.3
-
cpe:2.3:h:cisco:call_manager:3.3(3)
-
cpe:2.3:h:cisco:call_manager:3.3(3)es61
-
cpe:2.3:h:cisco:call_manager:3.3(4)es25
-
cpe:2.3:h:cisco:call_manager:3.3(5)
-
cpe:2.3:h:cisco:call_manager:3.3(5)es30
-
cpe:2.3:h:cisco:call_manager:3.3(5)sr1
-
cpe:2.3:h:cisco:call_manager:3.3(5)sr2
-
cpe:2.3:h:cisco:call_manager:3.3(5)sr2a
-
cpe:2.3:h:cisco:call_manager:3.3(5)sr2b
-
cpe:2.3:h:cisco:call_manager:4.0
-
cpe:2.3:h:cisco:call_manager:4.0(2a)es40
-
cpe:2.3:h:cisco:call_manager:4.0(2a)es62
-
cpe:2.3:h:cisco:call_manager:4.0(2a)sr2b
-
cpe:2.3:h:cisco:call_manager:4.1
-
cpe:2.3:h:cisco:call_manager:4.1(2)es33
-
cpe:2.3:h:cisco:call_manager:4.1(2)es55
-
cpe:2.3:h:cisco:call_manager:4.1(3)es07
-
cpe:2.3:h:cisco:call_manager:4.1(3)es32
-
cpe:2.3:h:cisco:call_manager:4.1(3)sr1
-
cpe:2.3:h:cisco:call_manager:4.1(3)sr2
-
cpe:2.3:h:cisco:call_manager:4.1(3)sr3
-
cpe:2.3:h:cisco:call_manager:4.1(3)sr4
-
cpe:2.3:h:cisco:call_manager:4.2
-
cpe:2.3:h:cisco:call_manager:4.2(1)
-
cpe:2.3:h:cisco:call_manager:4.2(2)
-
cpe:2.3:h:cisco:call_manager:4.2(3)
-
cpe:2.3:h:cisco:call_manager:4.2(3)sr1
-
cpe:2.3:h:cisco:call_manager:4.2(3)sr2
-
cpe:2.3:h:cisco:call_manager:4.3
-
cpe:2.3:h:cisco:call_manager:4.3(1)
-
cpe:2.3:h:cisco:call_manager:4.3(1)sr1
-
cpe:2.3:h:cisco:call_manager:5.1.1.3000