Details of VAR-200507-0194

ID

VAR-200507-0194

CVE

CVE-2005-2244

TITLE

Cisco CallManager aupair.exe Buffer overflow vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200507-147

DESCRIPTION

The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow. The CallManager aupair service is susceptible to an unspecified remote buffer overflow vulnerability. This issue is due to a failure of the application to properly bounds check user-supplied data prior to copying it to a fixed size memory buffer. This issue is documented in Cisco bug CSCsa75554, which is available to Cisco customers. This vulnerability allows remote attackers to execute arbitrary machine code in the context of the affected application. Failed exploit attempts will likely result in crashing the affected process, denying service to legitimate users. This issue was originally documented in BID 14227. Cisco CallManager (CCM) is a set of call processing components based on the Cisco Unified Communications solution of Cisco

Trust: 1.26

sources: NVD: CVE-2005-2244 // BID: 14255 // VULHUB: VHN-13453

AFFECTED PRODUCTS

vendor:	cisco	model:	call manager	scope:	eq	version:	4.0	Trust: 1.9
vendor:	cisco	model:	call manager	scope:	eq	version:	3.3	Trust: 1.9
vendor:	cisco	model:	call manager	scope:	eq	version:	3.2	Trust: 1.9
vendor:	cisco	model:	call manager	scope:	eq	version:	4.1	Trust: 1.6
vendor:	cisco	model:	call manager	scope:	eq	version:	3.1	Trust: 0.6
vendor:	cisco	model:	call manager	scope:	eq	version:	3.3(3)	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.1(2)	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	2.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	call manager sr1	scope:	ne	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es07	scope:	ne	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es33	scope:	ne	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager sr2b	scope:	ne	version:	4.0	Trust: 0.3
vendor:	cisco	model:	call manager es40	scope:	ne	version:	4.0	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	ne	version:	3.3(5)	Trust: 0.3
vendor:	cisco	model:	call manager es25	scope:	ne	version:	3.3	Trust: 0.3
vendor:	cisco	model:	call manager es61	scope:	ne	version:	3.3	Trust: 0.3

sources: BID: 14255 // CNNVD: CNNVD-200507-147 // NVD: CVE-2005-2244

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2005-2244
value:	MEDIUM
Trust: 1.0
CNNVD:	CNNVD-200507-147
value:	MEDIUM
Trust: 0.6
VULHUB:	VHN-13453
value:	MEDIUM
Trust: 0.1

nvd@nist.gov:	CVE-2005-2244
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-13453
severity:	MEDIUM
baseScore:	5.0
vectorString:	AV:N/AC:L/AU:N/C:N/I:P/A:N
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	PARTIAL
availabilityImpact:	NONE
exploitabilityScore:	10.0
impactScore:	2.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-13453 // CNNVD: CNNVD-200507-147 // NVD: CVE-2005-2244

PROBLEMTYPE DATA

problemtype:

NVD-CWE-Other

Trust: 1.0

sources: NVD: CVE-2005-2244

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200507-147

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-200507-147

EXTERNAL IDS

db:	BID	id:	14255	Trust: 2.0
db:	NVD	id:	CVE-2005-2244	Trust: 1.7
db:	CNNVD	id:	CNNVD-200507-147	Trust: 0.7
db:	XF	id:	19053	Trust: 0.6
db:	CISCO	id:	20050712 CISCO CALLMANAGER MEMORY HANDLING VULNERABILITIES	Trust: 0.6
db:	VULHUB	id:	VHN-13453	Trust: 0.1

sources: VULHUB: VHN-13453 // BID: 14255 // CNNVD: CNNVD-200507-147 // NVD: CVE-2005-2244

REFERENCES

url:	http://www.securityfocus.com/bid/14255	Trust: 1.7
url:	http://www.cisco.com/warp/public/707/cisco-sa-20050712-ccm.shtml	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/19053	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/19053	Trust: 0.6
url:	http://www.cisco.com/en/us/products/sw/voicesw/ps556/index.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/products_security_advisory09186a00804c0c26.shtml	Trust: 0.3
url:	http://xforce.iss.net/xforce/alerts/id/200	Trust: 0.3

sources: VULHUB: VHN-13453 // BID: 14255 // CNNVD: CNNVD-200507-147 // NVD: CVE-2005-2244

CREDITS

Mark Dowd, Mike Lynn, David Maynor, Neel Mehta, and Alex Wheeler of ISS X-Force are credited with the discovery and research of this vulnerability.

Trust: 0.9

sources: BID: 14255 // CNNVD: CNNVD-200507-147

SOURCES

db:	VULHUB	id:	VHN-13453
db:	BID	id:	14255
db:	CNNVD	id:	CNNVD-200507-147
db:	NVD	id:	CVE-2005-2244

LAST UPDATE DATE

2024-08-14T13:40:04.931000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-13453	date:	2017-07-11T00:00:00
db:	BID	id:	14255	date:	2005-07-12T00:00:00
db:	CNNVD	id:	CNNVD-200507-147	date:	2005-10-20T00:00:00
db:	NVD	id:	CVE-2005-2244	date:	2017-07-11T01:32:47.407

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-13453	date:	2005-07-12T00:00:00
db:	BID	id:	14255	date:	2005-07-12T00:00:00
db:	CNNVD	id:	CNNVD-200507-147	date:	2005-07-12T00:00:00
db:	NVD	id:	CVE-2005-2244	date:	2005-07-12T04:00:00