Denial of Service Vulnerability in Cisco CallManager Products
CVE-2006-0368

Currently unrated

Key Information:

Vendor: Cisco
Status: Call Manager
Vendor: CVE Published:; 22 January 2006

Summary

A vulnerability in Cisco CallManager allows remote attackers to create conditions that may lead to a denial of service. Attackers can exploit this weakness by opening a large number of TCP connections to specific ports (2000, 2001, 2002, or 7727), resulting in significant CPU and memory consumption or overwhelming the Windows Service Manager communication queue. This situation effectively disrupts normal service operations, impacting the availability of the system for legitimate users.

References

http://securitytracker.com/id?1015503

vdb-entryx_refsource_SECTRACK

http://www.vupen.com/english/advisories/2006/0249

vdb-entryx_refsource_VUPEN

http://www.cisco.com/warp/public/707/cisco-sa-20060118-cc...

vendor-advisoryx_refsource_CISCO

Timeline

Vulnerability published
Jan 22, 2006
Vulnerability Reserved
Jan 22, 2006