Cisco Unified Communications Manager Remote Buffer Overflow (CSCud54358)

This script is Copyright (C) 2013-2014 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a remote buffer overflow vulnerability.

Description :

According to its self-reported version, the remote Cisco Unified
Communications Manager (CUCM) device is affected by a remote buffer
overflow vulnerability that allows an authenticated, remote attacker
to corrupt data, disrupt services, or execute arbitrary commands.

See also :

http://www.nessus.org/u?273e52bc

Solution :

For Cisco Unified Communications Manager (CUCM) 7.1(x), upgrade to
version 7.1(5b)su6 or later. For 8.5(x), upgrade to version 8.5(1)su6
or later. For 8.6(x), upgrade to 8.6(2a)su3 or later. For 9.x, upgrade
to 9.1(2) or later.

Risk factor :

High / CVSS Base Score : 8.5
(CVSS2#AV:N/AC:M/Au:S/C:C/I:C/A:C)
CVSS Temporal Score : 6.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 70091 ()

Bugtraq ID: 61913

CVE ID: CVE-2013-3462