CVE-2011-2072

Sažetak

Memory leak in Cisco IOS 12.4, 15.0, and 15.1, Cisco IOS XE 2.5.x through 3.2.x, and Cisco Unified Communications Manager (CUCM) 6.x and 7.x before 7.1(5b)su4, 8.x before 8.5(1)su2, and 8.6 before 8.6(1) allows remote attackers to cause a denial of service (memory consumption and device reload or process failure) via a malformed SIP message, aka Bug IDs CSCtl86047 and CSCto88686.

Reference

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-cucm
http://tools.cisco.com/security/center/viewAlert.x?alertId=24129
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d58.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a0080b95d5a.shtml
http://www.securitytracker.com/id?1026110

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Zadnje važnije ažuriranje

03-11-2011 - 02:58

Objavljeno

03-10-2011 - 23:55