CUCM Remote Buffer Overflow (CSCud54358)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a remote buffer overflow
vulnerability.

Description :

According to its version number, the version of Cisco Unified
Communications Manager installed on the remote host is affected by a
remote buffer overflow vulnerability allowing an authenticated remote
attacker to corrupt data, disrupt services, or execute arbitrary
commands.

See also :

http://www.nessus.org/u?273e52bc

Solution :

For Cisco Unified Communications Manager (CUCM) 7.1(x), upgrade to
version 7.1(5b)su6 or later. For 8.5(x), upgrade to version 8.5(1)su6
or later. For 8.6(x), upgrade to 8.6(2a)su3 or later. For 9.x, upgrade
to 9.1(2) or later.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 70091 ()

Bugtraq ID: 61913

CVE ID: CVE-2013-3462