CVE-2004-1759

Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning.

CVSS v2.0 5.0 MEDIUM

5.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://secunia.com/advisories/10696	Patch Vendor Advisory
http://www.ciac.org/ciac/bulletins/o-066.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml	Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/721092	Patch Third Party Advisory US Government Resource
http://www.osvdb.org/3691
http://www.securityfocus.com/bid/9469	Exploit Patch Vendor Advisory
http://www.securitytracker.com/id?1008814
https://exchange.xforce.ibmcloud.com/vulnerabilities/14901
http://secunia.com/advisories/10696	Patch Vendor Advisory
http://www.ciac.org/ciac/bulletins/o-066.shtml
http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml	Patch Vendor Advisory
http://www.kb.cert.org/vuls/id/721092	Patch Third Party Advisory US Government Resource
http://www.osvdb.org/3691
http://www.securityfocus.com/bid/9469	Exploit Patch Vendor Advisory
http://www.securitytracker.com/id?1008814
https://exchange.xforce.ibmcloud.com/vulnerabilities/14901

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:cisco:emergency_responder:1.1:::::::*
	cpe:2.3:a:cisco:ip_call_center_express_enhanced:3.0:::::::*
	cpe:2.3:a:cisco:ip_call_center_express_standard:3.0:::::::*
	cpe:2.3:a:cisco:ip_interactive_voice_response:3.0:::::::*
	cpe:2.3:a:cisco:personal_assistant:1.3\(1\):::::::*
	cpe:2.3:a:cisco:personal_assistant:1.3\(2\):::::::*
	cpe:2.3:a:cisco:personal_assistant:1.3\(3\):::::::*
	cpe:2.3:a:cisco:personal_assistant:1.3\(4\):::::::*
	cpe:2.3:a:cisco:personal_assistant:1.4\(1\):::::::*
	cpe:2.3:a:cisco:personal_assistant:1.4\(2\):::::::*
	cpe:2.3:a:ibm:director_agent:2.2:::::::*
	cpe:2.3:a:ibm:director_agent:3.11:::::::*
	cpe:2.3:h:cisco:call_manager:1.0:::::::*
	cpe:2.3:h:cisco:call_manager:2.0:::::::*
	cpe:2.3:h:cisco:call_manager:3.0:::::::*
	cpe:2.3:h:cisco:call_manager:3.1:::::::*
	cpe:2.3:h:cisco:call_manager:3.1\(2\):::::::*
	cpe:2.3:h:cisco:call_manager:3.1\(3a\):::::::*
	cpe:2.3:h:cisco:call_manager:3.2:::::::*
	cpe:2.3:h:cisco:call_manager:3.3:::::::*
	cpe:2.3:h:cisco:call_manager:3.3\(3\):::::::*
	cpe:2.3:h:cisco:call_manager:4.0:::::::*
	cpe:2.3:h:cisco:internet_service_node::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:cisco:conference_connection:1.1\(1\):::::::*
	cpe:2.3:o:cisco:conference_connection:1.2:::::::*

Configuration 3 (hide)

OR	cpe:2.3:h:ibm:mcs-7815-1000::::::::
	cpe:2.3:h:ibm:mcs-7815i-2.0::::::::
	cpe:2.3:h:ibm:mcs-7835i-2.4::::::::
	cpe:2.3:h:ibm:mcs-7835i-3.0::::::::
	cpe:2.3:h:ibm:x330:8654:::::::*
	cpe:2.3:h:ibm:x330:8674:::::::*
	cpe:2.3:h:ibm:x340::::::::
	cpe:2.3:h:ibm:x342::::::::
	cpe:2.3:h:ibm:x345::::::::

History

20 Nov 2024, 23:51

Type	Values Removed	Values Added
References	~~() http://secunia.com/advisories/10696 - Patch, Vendor Advisory~~	() http://secunia.com/advisories/10696 - Patch, Vendor Advisory
References	~~() http://www.ciac.org/ciac/bulletins/o-066.shtml -~~	() http://www.ciac.org/ciac/bulletins/o-066.shtml -
References	~~() http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml - Patch, Vendor Advisory~~	() http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml - Patch, Vendor Advisory
References	~~() http://www.kb.cert.org/vuls/id/721092 - Patch, Third Party Advisory, US Government Resource~~	() http://www.kb.cert.org/vuls/id/721092 - Patch, Third Party Advisory, US Government Resource
References	~~() http://www.osvdb.org/3691 -~~	() http://www.osvdb.org/3691 -
References	~~() http://www.securityfocus.com/bid/9469 - Exploit, Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/9469 - Exploit, Patch, Vendor Advisory
References	~~() http://www.securitytracker.com/id?1008814 -~~	() http://www.securitytracker.com/id?1008814 -
References	~~() https://exchange.xforce.ibmcloud.com/vulnerabilities/14901 -~~	() https://exchange.xforce.ibmcloud.com/vulnerabilities/14901 -

Information

Published : 2004-01-21 05:00

Updated : 2024-11-20 23:51

NVD link : CVE-2004-1759

Mitre link : CVE-2004-1759

CVE.ORG link : CVE-2004-1759

JSON object : View

Products Affected

ibm

mcs-7835i-3.0
mcs-7815-1000
x330
mcs-7815i-2.0
x340
director_agent
x342
mcs-7835i-2.4
x345

cisco

call_manager
personal_assistant
internet_service_node
ip_interactive_voice_response
conference_connection
ip_call_center_express_standard
emergency_responder
ip_call_center_express_enhanced

CWE

CWE-399

Resource Management Errors

5.0 /10