CVE-2006-0368

Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.

Affected Software

Name	Vendor	Start Version	End Version
Call_manager	Cisco	*	*
Call_manager	Cisco	1.0 (including)	1.0 (including)
Call_manager	Cisco	2.0 (including)	2.0 (including)
Call_manager	Cisco	3.0 (including)	3.0 (including)
Call_manager	Cisco	3.1 (including)	3.1 (including)
Call_manager	Cisco	3.1(2) (including)	3.1(2) (including)
Call_manager	Cisco	3.1(3a) (including)	3.1(3a) (including)
Call_manager	Cisco	3.2 (including)	3.2 (including)
Call_manager	Cisco	3.3 (including)	3.3 (including)
Call_manager	Cisco	3.3(3) (including)	3.3(3) (including)
Call_manager	Cisco	3.3(3)es61 (including)	3.3(3)es61 (including)
Call_manager	Cisco	3.3(4)es25 (including)	3.3(4)es25 (including)
Call_manager	Cisco	3.3(5) (including)	3.3(5) (including)
Call_manager	Cisco	3.3(5)es30 (including)	3.3(5)es30 (including)
Call_manager	Cisco	4.0 (including)	4.0 (including)
Call_manager	Cisco	4.0(2a)es40 (including)	4.0(2a)es40 (including)
Call_manager	Cisco	4.0(2a)es62 (including)	4.0(2a)es62 (including)
Call_manager	Cisco	4.0(2a)sr2b (including)	4.0(2a)sr2b (including)
Call_manager	Cisco	4.1(2)es33 (including)	4.1(2)es33 (including)
Call_manager	Cisco	4.1(2)es55 (including)	4.1(2)es55 (including)
Call_manager	Cisco	4.1(3)es07 (including)	4.1(3)es07 (including)
Call_manager	Cisco	4.1(3)es32 (including)	4.1(3)es32 (including)
Call_manager	Cisco	4.1(3)sr1 (including)	4.1(3)sr1 (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2006-0368
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html

Affected Software

References