Details of VAR-201209-0398

ID

VAR-201209-0398

CVE

CVE-2012-3935

TITLE

Cisco Unified Presence and Jabber Extensible Communications Platform Service disruption in (DoS) Vulnerabilities

Trust: 0.8

sources: JVNDB: JVNDB-2012-004326

DESCRIPTION

Cisco Unified Presence (CUP) before 8.6(3) and Jabber Extensible Communications Platform (aka Jabber XCP) before 5.3 allow remote attackers to cause a denial of service (process crash) via a crafted XMPP stream header, aka Bug ID CSCtu32832. Successful exploits will allow attackers to crash the Connection Manager process, denying service to legitimate users. This issue is being tracked by the Cisco Bug ID CSCtu32832. ---------------------------------------------------------------------- The final version of the CSI 6.0 has been released. Find out why this is not just another Patch Management solution: http://secunia.com/blog/325/ ---------------------------------------------------------------------- TITLE: Cisco Unified Presence / Jabber XCP Stream Header Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA50562 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/50562/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=50562 RELEASE DATE: 2012-09-13 DISCUSS ADVISORY: http://secunia.com/advisories/50562/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/50562/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=50562 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Unified Presence and Cisco Jabber XCP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the Extensible Messaging and Presence Protocol (XMPP) server when handling incoming stream headers. This can be exploited to cause the Connection Manager process to terminate via a specially crafted header. * Jabber XCP versions prior to 5.3. SOLUTION: Update to a fixed version. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

Trust: 2.07

sources: NVD: CVE-2012-3935 // JVNDB: JVNDB-2012-004326 // BID: 55514 // VULHUB: VHN-57216 // PACKETSTORM: 116535

AFFECTED PRODUCTS

vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(3\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(3\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(4\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(6\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(2\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(7\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(5\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(1\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0\(5\)	Trust: 1.6
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(4\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	1.0	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0_2	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.0\(1\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(9\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.0	Trust: 1.0
vendor:	cisco	model:	jabber extensible communications platform	scope:	lte	version:	5.2	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.5\(2\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(7\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.0\(3\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(1\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.5\(1\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.0\(2\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.6\(1\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(8\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.0\(4\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(2\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	6.0_1	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	lte	version:	8.6\(2\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.5	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	8.5\(3\)	Trust: 1.0
vendor:	cisco	model:	unified presence	scope:	eq	version:	7.0\(6\)	Trust: 1.0
vendor:	cisco	model:	jabber extensible communications platform	scope:	lt	version:	5.3	Trust: 0.8
vendor:	cisco	model:	unified presence	scope:	lt	version:	8.6(3)	Trust: 0.8
vendor:	cisco	model:	jabber extensible communications platform	scope:	eq	version:	5.2	Trust: 0.6
vendor:	cisco	model:	unified presence server	scope:	eq	version:	8.6	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	8.5	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	8.0	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	7.0(8)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	7.0(4)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	7.0	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	6.0(7)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	6.0(6)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	6.0(3)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	6.0(2)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	6.0(1)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	1.0(3)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	1.0(2)	Trust: 0.3
vendor:	cisco	model:	unified presence server	scope:	eq	version:	1.0	Trust: 0.3
vendor:	cisco	model:	jabber xcp	scope:	eq	version:	5.2	Trust: 0.3
vendor:	cisco	model:	jabber xcp	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	jabber xcp	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	jabber xcp	scope:	eq	version:	4.0	Trust: 0.3
vendor:	cisco	model:	jabber xcp	scope:	eq	version:	3.0	Trust: 0.3
vendor:	cisco	model:	jabber xcp	scope:	eq	version:	2.0	Trust: 0.3

sources: BID: 55514 // JVNDB: JVNDB-2012-004326 // CNNVD: CNNVD-201209-225 // NVD: CVE-2012-3935

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2012-3935
value:	HIGH
Trust: 1.0
NVD:	CVE-2012-3935
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201209-225
value:	HIGH
Trust: 0.6
VULHUB:	VHN-57216
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2012-3935
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-57216
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-57216 // JVNDB: JVNDB-2012-004326 // CNNVD: CNNVD-201209-225 // NVD: CVE-2012-3935

PROBLEMTYPE DATA

problemtype:

CWE-119

Trust: 1.9

sources: VULHUB: VHN-57216 // JVNDB: JVNDB-2012-004326 // NVD: CVE-2012-3935

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201209-225

TYPE

buffer overflow

Trust: 0.6

sources: CNNVD: CNNVD-201209-225

CONFIGURATIONS

sources: JVNDB: JVNDB-2012-004326

PATCH

title:	cisco-sa-20120912-cupxcp	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120912-cupxcp	Trust: 0.8
title:	cisco-sa-20120912-cupxcp	url:	http://www.cisco.com/cisco/web/support/JP/111/1116/1116204_cisco-sa-20120912-cupxcp-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2012-004326

EXTERNAL IDS

db:	NVD	id:	CVE-2012-3935	Trust: 2.8
db:	SECUNIA	id:	50562	Trust: 1.2
db:	OSVDB	id:	85421	Trust: 1.1
db:	SECTRACK	id:	1027520	Trust: 1.1
db:	JVNDB	id:	JVNDB-2012-004326	Trust: 0.8
db:	CNNVD	id:	CNNVD-201209-225	Trust: 0.7
db:	NSFOCUS	id:	20670	Trust: 0.6
db:	BID	id:	55514	Trust: 0.4
db:	VULHUB	id:	VHN-57216	Trust: 0.1
db:	PACKETSTORM	id:	116535	Trust: 0.1

sources: VULHUB: VHN-57216 // BID: 55514 // JVNDB: JVNDB-2012-004326 // PACKETSTORM: 116535 // CNNVD: CNNVD-201209-225 // NVD: CVE-2012-3935

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20120912-cupxcp	Trust: 1.8
url:	http://osvdb.org/85421	Trust: 1.1
url:	http://www.securitytracker.com/id?1027520	Trust: 1.1
url:	http://secunia.com/advisories/50562	Trust: 1.1
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/78457	Trust: 1.1
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2012-3935	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2012-3935	Trust: 0.8
url:	http://www.nsfocus.net/vulndb/20670	Trust: 0.6
url:	http://www.cisco.com/en/us/products/ps6837/index.html	Trust: 0.3
url:	http://www.cisco.com/en/us/products/ps10969/index.html	Trust: 0.3
url:	http://secunia.com/vulnerability_intelligence/	Trust: 0.1
url:	http://secunia.com/advisories/secunia_security_advisories/	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/	Trust: 0.1
url:	https://ca.secunia.com/?page=viewadvisory&vuln_id=50562	Trust: 0.1
url:	http://secunia.com/vulnerability_scanning/personal/	Trust: 0.1
url:	http://secunia.com/advisories/50562/#comments	Trust: 0.1
url:	http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org	Trust: 0.1
url:	http://secunia.com/advisories/50562/	Trust: 0.1
url:	http://secunia.com/blog/325/	Trust: 0.1
url:	http://secunia.com/advisories/about_secunia_advisories/	Trust: 0.1

sources: VULHUB: VHN-57216 // BID: 55514 // JVNDB: JVNDB-2012-004326 // PACKETSTORM: 116535 // CNNVD: CNNVD-201209-225 // NVD: CVE-2012-3935

CREDITS

Cisco

Trust: 0.3

sources: BID: 55514

SOURCES

db:	VULHUB	id:	VHN-57216
db:	BID	id:	55514
db:	JVNDB	id:	JVNDB-2012-004326
db:	PACKETSTORM	id:	116535
db:	CNNVD	id:	CNNVD-201209-225
db:	NVD	id:	CVE-2012-3935

LAST UPDATE DATE

2025-04-11T23:12:52.736000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-57216	date:	2017-08-29T00:00:00
db:	BID	id:	55514	date:	2012-09-12T00:00:00
db:	JVNDB	id:	JVNDB-2012-004326	date:	2012-09-14T00:00:00
db:	CNNVD	id:	CNNVD-201209-225	date:	2012-09-14T00:00:00
db:	NVD	id:	CVE-2012-3935	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-57216	date:	2012-09-12T00:00:00
db:	BID	id:	55514	date:	2012-09-12T00:00:00
db:	JVNDB	id:	JVNDB-2012-004326	date:	2012-09-14T00:00:00
db:	PACKETSTORM	id:	116535	date:	2012-09-13T06:16:31
db:	CNNVD	id:	CNNVD-201209-225	date:	2012-09-14T00:00:00
db:	NVD	id:	CVE-2012-3935	date:	2012-09-12T23:55:00.807