Vulnerability Name:

CVE-2008-1741 (CCN-42413)

Assigned:2008-05-14
Published:2008-05-14
Updated:2017-08-08
Summary:The SIP Proxy (SIPD) service in Cisco Unified Presence before 6.0(3) allows remote attackers to cause a denial of service (core dump and service interruption) via a TCP port scan, aka Bug ID CSCsj64533.
CVSS v3 Severity:7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): High
CVSS v2 Severity:7.8 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)
5.8 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): None
Availibility (A): Complete
Vulnerability Type:CWE-20
Vulnerability Consequences:Denial of Service
References:Source: MITRE
Type: CNA
CVE-2008-1741

Source: CCN
Type: SA30269
Cisco Unified Presence SIP Proxy Service Denial of Service

Source: SECUNIA
Type: UNKNOWN
30269

Source: CCN
Type: SECTRACK ID: 1020023
Cisco Unified Presence Services Can Be Interrupted By Remote Users

Source: SECTRACK
Type: UNKNOWN
1020023

Source: CISCO
Type: Patch
20080514 Cisco Unified Presence Denial of Service Vulnerabilities

Source: CCN
Type: cisco-sa-20080514-cup
Cisco Security Advisory: Cisco Unified Presence Denial of Service Vulnerabilities

Source: CCN
Type: OSVDB ID: 45216
Cisco Unified Presence SIP Proxy Service TCP Port Scan Remote DoS

Source: BID
Type: UNKNOWN
29222

Source: CCN
Type: BID-29222
Cisco Unified Presence SIP Proxy Denial of Service Vulnerability

Source: VUPEN
Type: UNKNOWN
ADV-2008-1534

Source: XF
Type: UNKNOWN
cisco-unifiedpresence-sipproxy-dos(42413)

Source: XF
Type: UNKNOWN
cisco-unifiedpresence-sipproxy-dos(42413)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:cisco:unified_presence:6.0_1:*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_presence:*:*:*:*:*:*:*:* (Version <= 6.0_2)

    • Configuration CCN 1:
  • cpe:/a:cisco:unified_presence_server:6.0(1):*:*:*:*:*:*:*
  • OR cpe:/a:cisco:unified_presence_server:6.0(2):*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    cisco unified presence 6.0_1
    cisco unified presence *
    cisco unified presence server 6.0(1)
    cisco unified presence server 6.0(2)