CVE-2012-0361

Description

The sccp-protocol component in Cisco IP Communicator (CIPC) 7.0 through 8.6 does not limit the rate of SCCP messages to Cisco Unified Communications Manager (CUCM), which allows remote attackers to cause a denial of service via vectors that trigger (1) on hook and (2) off hook messages, as demonstrated by a Plantronics headset, aka Bug ID CSCti40315.

Affected products

• Cisco / ip_communicator7.0 – 7.0
• Cisco / ip_communicator7.0(1) – 7.0(1)
• Cisco / ip_communicator7.0(2) – 7.0(2)
• Cisco / ip_communicator7.0(3) – 7.0(3)
• Cisco / ip_communicator7.0(4) – 7.0(4)
• Cisco / ip_communicator7.0(5) – 7.0(5)
• Cisco / ip_communicator7.0(6) – 7.0(6)
• Cisco / ip_communicator8.6 – 8.6

References

• VENDOR_ADVISORYhttp://www.cisco.com/en/US/docs/voice_ip_comm/cipc/8_5/english/release_notes/CIPC8x_RN.html
• MISChttp://www.securitytracker.com/id?1027013