CVE-2006-5553 - OpenCVE

Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

AV:N/AC:L/Au:N/C:N/I:N/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Cisco	Security Agent Unified Callmanager Unified Presence Server

Configuration 1 [-]

OR	cpe:2.3:a:cisco:security_agent:4.5:::::::*
	cpe:2.3:a:cisco:security_agent:4.5.1:::::::*
	cpe:2.3:a:cisco:security_agent:4.5.1.639:::::::*
	cpe:2.3:a:cisco:security_agent:5.0:::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(1\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(2\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(3\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(3a\):::::::*
	cpe:2.3:a:cisco:unified_callmanager:5.0\(4\):::::::*
	cpe:2.3:a:cisco:unified_presence_server:1.0:::::::*
	cpe:2.3:a:cisco:unified_presence_server:1.0\(2\):::::::*

No data.

References

Link	Providers
http://secunia.com/advisories/22574
http://securitytracker.com/id?1017118
http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml
http://www.osvdb.org/30055
http://www.securityfocus.com/bid/20737
http://www.vupen.com/english/advisories/2006/4198
https://exchange.xforce.ibmcloud.com/vulnerabilities/29829

History

No history.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2006-10-26T17:00:00

Updated: 2024-08-07T19:55:53.339Z

Reserved: 2006-10-26T00:00:00

Link: CVE-2006-5553

Vulnrichment

No data.

NVD

Status : Modified

Published: 2006-10-26T17:07:00.000

Modified: 2017-07-20T01:33:49.773

Link: CVE-2006-5553

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-10-25T00:00:00", "descriptions": [{"lang": "en", "value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "1017118", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://securitytracker.com/id?1017118"}, {"name": "20737", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/20737"}, {"name": "csa-port-scan-dos(29829)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"}, {"name": "30055", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/30055"}, {"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"}, {"name": "ADV-2006-4198", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/4198"}, {"name": "22574", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/22574"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2006-5553", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "1017118", "refsource": "SECTRACK", "url": "http://securitytracker.com/id?1017118"}, {"name": "20737", "refsource": "BID", "url": "http://www.securityfocus.com/bid/20737"}, {"name": "csa-port-scan-dos(29829)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"}, {"name": "30055", "refsource": "OSVDB", "url": "http://www.osvdb.org/30055"}, {"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service", "refsource": "CISCO", "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"}, {"name": "ADV-2006-4198", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/4198"}, {"name": "22574", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/22574"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T19:55:53.339Z"}, "title": "CVE Program Container", "references": [{"name": "1017118", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://securitytracker.com/id?1017118"}, {"name": "20737", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/20737"}, {"name": "csa-port-scan-dos(29829)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"}, {"name": "30055", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/30055"}, {"name": "20061025 Cisco Security Agent for Linux Port Scan Denial of Service", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"}, {"name": "ADV-2006-4198", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/4198"}, {"name": "22574", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/22574"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2006-5553", "datePublished": "2006-10-26T17:00:00", "dateReserved": "2006-10-26T00:00:00", "dateUpdated": "2024-08-07T19:55:53.339Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:cisco:security_agent:4.5:*:*:*:*:*:*:*", "matchCriteriaId": "5562E755-E4A3-4656-859A-40757012BE89", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1:*:*:*:*:*:*:*", "matchCriteriaId": "84A1657D-BBC9-4CF5-8F5A-486FAC8B9489", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:security_agent:4.5.1.639:*:*:*:*:*:*:*", "matchCriteriaId": "14F08C40-7A58-4B0B-A3A1-6F23DB113F22", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:security_agent:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "E171031D-51C1-41BB-96E4-DFFF0C36B74B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(1\\):*:*:*:*:*:*:*", "matchCriteriaId": "C5865997-F8B2-4ABB-96DF-3AE691A7CE5B", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "E9211420-9F35-4872-879A-5F7CA29C6299", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3\\):*:*:*:*:*:*:*", "matchCriteriaId": "D7DD4B55-4C68-45CD-988E-D470C26E5E71", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(3a\\):*:*:*:*:*:*:*", "matchCriteriaId": "48C1B081-1FD7-4BBD-84BD-E1E5F80C74FE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_callmanager:5.0\\(4\\):*:*:*:*:*:*:*", "matchCriteriaId": "BC32C417-3E61-4892-9A42-C31C6D62F09D", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "7F897DA4-E313-45C8-A4FB-52404D6541BE", "vulnerable": true}, {"criteria": "cpe:2.3:a:cisco:unified_presence_server:1.0\\(2\\):*:*:*:*:*:*:*", "matchCriteriaId": "CDA3BA5D-2CEB-4AAC-8CB4-4A2CDC574076", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options."}, {"lang": "es", "value": "Cisco Security Agent (CSA) para Linux 4.5 anteriores a 4.5.1.657 y 5.0 anteriores a 5.0.0.193, tal y como se usan en Unified CallManager (CUCM) y Unified Presence Server (CUPS), permite a atacantes remotos provocar una denegaci\u00f3n de servicio (resource consumption) mediante una exploraci\u00f3n de puertos con opciones concretas."}], "evaluatorSolution": "This vulnerability is addressed in the following product updates:\r\nCisco, Unified CallManager, 5.0(4)\r\nCisco, Unified CallManager, 5.0(4a) with CSA COP upgrade\r\nCisco, Unified Presence Server, 1.0(2) with CSA COP upgrade\r\nCisco, Security Agent, 5.0.193\r\nCisco, Security Agent, 4.5.1.657\r\nCisco, Security Agent, 5.1", "id": "CVE-2006-5553", "lastModified": "2017-07-20T01:33:49.773", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-10-26T17:07:00.000", "references": [{"source": "cve@mitre.org", "url": "http://secunia.com/advisories/22574"}, {"source": "cve@mitre.org", "url": "http://securitytracker.com/id?1017118"}, {"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807693c7.shtml"}, {"source": "cve@mitre.org", "url": "http://www.osvdb.org/30055"}, {"source": "cve@mitre.org", "tags": ["Patch"], "url": "http://www.securityfocus.com/bid/20737"}, {"source": "cve@mitre.org", "url": "http://www.vupen.com/english/advisories/2006/4198"}, {"source": "cve@mitre.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/29829"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}