Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.
2006-01-22T20:03:00.000
2025-04-03T01:03:51.193
Deferred
CVSSv2: 7.8 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:C
10.0
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Hardware | cisco | call_manager | * | Yes |
| Hardware | cisco | call_manager | 1.0 | Yes |
| Hardware | cisco | call_manager | 2.0 | Yes |
| Hardware | cisco | call_manager | 3.0 | Yes |
| Hardware | cisco | call_manager | 3.1 | Yes |
| Hardware | cisco | call_manager | 3.1\(2\) | Yes |
| Hardware | cisco | call_manager | 3.1\(3a\) | Yes |
| Hardware | cisco | call_manager | 3.2 | Yes |
| Hardware | cisco | call_manager | 3.3 | Yes |
| Hardware | cisco | call_manager | 3.3\(3\) | Yes |
| Hardware | cisco | call_manager | 3.3\(3\)es61 | Yes |
| Hardware | cisco | call_manager | 3.3\(4\)es25 | Yes |
| Hardware | cisco | call_manager | 3.3\(5\) | Yes |
| Hardware | cisco | call_manager | 3.3\(5\)es30 | Yes |
| Hardware | cisco | call_manager | 4.0 | Yes |
| Hardware | cisco | call_manager | 4.0\(2a\)es40 | Yes |
| Hardware | cisco | call_manager | 4.0\(2a\)es62 | Yes |
| Hardware | cisco | call_manager | 4.0\(2a\)sr2b | Yes |
| Hardware | cisco | call_manager | 4.1\(2\)es33 | Yes |
| Hardware | cisco | call_manager | 4.1\(2\)es55 | Yes |
| Hardware | cisco | call_manager | 4.1\(3\)es07 | Yes |
| Hardware | cisco | call_manager | 4.1\(3\)es32 | Yes |
| Hardware | cisco | call_manager | 4.1\(3\)sr1 | Yes |