CVE-2006-0368

CWE-399 | 5 documents | 5 sources

Severity: 7.8 HIGH
EPSS: 2.7% (top 14.01%)
CISA KEV: Not in KEV
Exploit: No known exploits
Affected products
Timeline
Published: Jan 22
Latest update: May 1

Description

Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.

CVSS vector

AV:N/AC:L/C:N/I:N/A:C
Exploitability: 10.0 | Impact: 6.9

Affected Packages (1 package)

NVD: cisco/call_manager (22 versions)

Patches

Vulnerability Details (2)

GHSA
GHSA-p4h8-95wc-cxcp: Cisco CallManager 3 (2022-05-01)

CVEList
CVE-2006-0368: Cisco CallManager 3 (2006-01-22)

Vendor Advisories (1)

Cisco
Cisco Call Manager Denial of Service (2006-01-18)

Community (1)

Bugzilla
CVE-2005-1704 Integer overflow in libelf (2005-06-09)
CVE-2006-0368 (HIGH CVSS 7.8) | Cisco CallManager 3.2 and earlier | cvebase.io