[NEWS] Cisco Unified Communications Manager SQL Injection



The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com



Cisco Unified Communications Manager SQL Injection
------------------------------------------------------------------------


SUMMARY

Cisco Unified Communications Manager is vulnerable to a SQL injection
attack through the key parameter of the admin and user interface pages. A
successful attack could allow an authenticated attacker to access
information such as usernames and password hashes that are stored in the
database.

Cisco has released free software updates that address this vulnerability.

DETAILS

Vulnerable Systems:
* Cisco Unified Communications Manager 5.0/5.1 versions prior to 5.1(3a)
and 6.0/6.1 versions prior to 6.1(1a)

Immune Systems:
* Cisco CallManager or Unified Communications Manager systems prior to 5.0
are not affected by this vulnerability. No 3.x and 4.x releases are
vulnerable.
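
The affected and immune ranges above can be checked against an inventory of installed releases. The following is an added example, not part of the Cisco advisory; the hostnames and installed releases are constructed, and it assumes a release with no letter suffix sorts before the same number with a letter, so 5.1(3) precedes 5.1(3a).

```python
import re

# Fixed release per affected train, from the advisory's "Vulnerable Systems" line.
# Tuples are (minor, maintenance, letter) so they compare in release order.
FIXED = {5: (1, 3, "a"), 6: (1, 1, "a")}

_RELEASE = re.compile(r"(\d+)\.(\d+)(?:\((\d+)([A-Za-z]?)\))?")


def parse_release(text):
    """Parse 'major.minor(maintenance[letter])', e.g. '5.1(3a)' or '6.0'."""
    m = _RELEASE.fullmatch(text.strip())
    if m is None:
        raise ValueError(f"unrecognised release string: {text!r}")
    major, minor = int(m.group(1)), int(m.group(2))
    maintenance = int(m.group(3) or 0)
    # Assumption: no letter ("") sorts before any letter, so 5.1(3) < 5.1(3a).
    letter = (m.group(4) or "").lower()
    return major, (minor, maintenance, letter)


def triage(text):
    """Classify one release string against the advisory's ranges."""
    major, rest = parse_release(text)
    if major < 5:
        return "not affected"      # releases prior to 5.0, including 3.x and 4.x
    if major not in FIXED or rest[0] > 1:
        return "not listed"        # the advisory only covers 5.0/5.1 and 6.0/6.1
    return "vulnerable" if rest < FIXED[major] else "fixed"


# Constructed inventory: hostnames and releases are sample values.
INVENTORY = {
    "cucm-pub-01": "5.1(3)",
    "cucm-sub-01": "5.1(3a)",
    "cucm-lab-02": "6.0(1)",
    "ccm-legacy": "4.2(3)",
}


def report(inventory):
    """Map each host to its triage result."""
    return {host: triage(release) for host, release in inventory.items()}


if __name__ == "__main__":
    for host, status in report(INVENTORY).items():
        print(f"{host:12} {INVENTORY[host]:8} {status}")
```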

Cisco Unified CallManager/Communications Manager (CUCM) is the call
processing component of the Cisco IP telephony solution. This solution
extends enterprise telephony features and functions to packet telephony
network devices such as IP phones, media processing devices, voice-over-IP
(VoIP) gateways, and multimedia applications.

An attacker can trigger this SQL injection vulnerability by entering a
specially crafted value in the key parameter of either the admin or user
interface page. Attacks against this vulnerability are conducted through
the web interface and use the HTTP or HTTPS protocol. A successful attack
could terminate a SQL call and force a connection to the back-end
database, resulting in the disclosure of potentially sensitive
information such as usernames and password hashes.
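
Because the attack travels in the key parameter of web requests, web access logs can be reviewed for key values that do not look like identifiers. The following is an added example, not part of the Cisco advisory; the log lines, usernames and URL paths are constructed, and it assumes legitimate key values contain only letters, digits, hyphens and underscores.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

# Assumption: a legitimate key is identifier-like (for example a UUID).
SAFE_KEY = re.compile(r"[A-Za-z0-9_-]{1,64}")
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

# Constructed access-log lines; paths and users are placeholders.
SAMPLE_LOG = [
    '192.0.2.10 - alice [13/Feb/2008:10:01:02 +0000] '
    '"GET /admin/example.do?key=3f2a9c1e-77b0-4d2e-9a51-0c1d2e3f4a5b HTTP/1.1" 200 5120',
    '192.0.2.44 - bob [13/Feb/2008:10:03:40 +0000] '
    '"GET /user/example.do?key=abc%27 HTTP/1.1" 500 312',
    '192.0.2.44 - bob [13/Feb/2008:10:03:41 +0000] '
    '"GET /user/example.do?key=abc%2527 HTTP/1.1" 500 312',
    '192.0.2.10 - alice [13/Feb/2008:10:05:00 +0000] '
    '"GET /admin/example.do?page=2 HTTP/1.1" 200 2048',
]


def key_values(request_target):
    """Return every value of the 'key' query parameter, decoded once."""
    query = urlsplit(request_target).query
    pairs = parse_qsl(query, keep_blank_values=True)
    return [value for name, value in pairs if name.lower() == "key"]


def fully_decode(value, rounds=3):
    """Undo repeated percent-encoding so double-encoded input is still seen."""
    for _ in range(rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_requests(lines):
    """Return (line number, user, decoded key) for keys outside the allowlist."""
    hits = []
    for number, line in enumerate(lines, 1):
        match = REQUEST.search(line)
        if match is None:
            continue
        fields = line.split()
        user = fields[2] if len(fields) > 2 else "-"
        for raw in key_values(match.group(1)):
            value = fully_decode(raw)
            if SAFE_KEY.fullmatch(value) is None:
                hits.append((number, user, value))
    return hits
```

Access logs normally record only the request line, so a key value submitted in a POST body is not visible to this check.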

Impact
An authenticated attacker may be able to exploit this vulnerability to
extract records from the Cisco Unified Communications Manager database. A
successful attack might retrieve sensitive data such as user names,
password hashes, and information from call records. An attacker cannot
use this vulnerability to alter or delete call record information from the
database.

CVE Information:
CVE-2008-0026 <http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0026>


ADDITIONAL INFORMATION

The information has been provided by <mailto:psirt@xxxxxxxxx> Cisco
Systems Product Security Incident Response Team.
The original article can be found at:
http://www.cisco.com/warp/public/707/cisco-sa-20080213-cucmsql.shtml


