Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1604

Overview

Vulnerability Score 7.1 7.1
CVE Id CVE-2011-1604
Last Modified 11 May 2011 03:25:38
Published 03 May 2011 06:55:02
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1604

Summary

Memory leak in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)su3, 7.x before 7.1(5b)su3, 8.0 before 8.0(3a)su2, and 8.5 before 8.5(1) allows remote attackers to cause a denial of service (memory consumption and process failure) via a malformed SIP message, aka Bug ID CSCti42904.

Vulnerable Systems

Application

  • Cisco Unified Communications Manager 6.0

  • Cisco Unified Communications Manager 6.1%281%29

  • Cisco Unified Communications Manager 6.1%281a%29

  • Cisco Unified Communications Manager 6.1%281b%29

  • Cisco Unified Communications Manager 6.1%282%29

  • Cisco Unified Communications Manager 6.1%282%29su1

  • Cisco Unified Communications Manager 6.1%282%29su1a

  • Cisco Unified Communications Manager 6.1%283%29

  • Cisco Unified Communications Manager 6.1%283a%29

  • Cisco Unified Communications Manager 6.1%283b%29

  • Cisco Unified Communications Manager 6.1%283b%29su1

  • Cisco Unified Communications Manager 6.1%284%29

  • Cisco Unified Communications Manager 6.1%284%29su1

  • Cisco Unified Communications Manager 6.1%284a%29

  • Cisco Unified Communications Manager 6.1%284a%29su2

  • Cisco Unified Communications Manager 6.1%285%29

  • Cisco Unified Communications Manager 6.1%285%29su1

  • Cisco Unified Communications Manager 6.1%285%29su2

  • Cisco Unified Communications Manager 7.0%281%29su1

  • Cisco Unified Communications Manager 7.0%281%29su1a

  • Cisco Unified Communications Manager 7.0%282%29

  • Cisco Unified Communications Manager 7.0%282a%29

  • Cisco Unified Communications Manager 7.0%282a%29su1

  • Cisco Unified Communications Manager 7.0%282a%29su2

  • Cisco Unified Communications Manager 7.1%282a%29

  • Cisco Unified Communications Manager 7.1%282a%29su1

  • Cisco Unified Communications Manager 7.1%282b%29

  • Cisco Unified Communications Manager 7.1%282b%29su1

  • Cisco Unified Communications Manager 7.1%283%29

  • Cisco Unified Communications Manager 7.1%283a%29

  • Cisco Unified Communications Manager 7.1%283a%29su1

  • Cisco Unified Communications Manager 7.1%283a%29su1a

  • Cisco Unified Communications Manager 7.1%283b%29

  • Cisco Unified Communications Manager 7.1%283b%29su1

  • Cisco Unified Communications Manager 7.1%283b%29su2

  • Cisco Unified Communications Manager 7.1%285%29

  • Cisco Unified Communications Manager 7.1%285%29su1

  • Cisco Unified Communications Manager 7.1%285%29su1a

  • Cisco Unified Communications Manager 7.1%285a%29

  • Cisco Unified Communications Manager 7.1%285b%29

  • Cisco Unified Communications Manager 7.1%285b%29su2

  • Cisco Unified Communications Manager 8.0%282c%29

  • Cisco Unified Communications Manager 8.0%282c%29su1

  • Cisco Unified Communications Manager 8.0%283%29

  • Cisco Unified Communications Manager 8.0%283a%29

  • Cisco Unified Communications Manager 8.0%283a%29su1

  • Cisco Unified Communications Manager 8.5


References

XF - ucm-sip-dos(67122)

VUPEN - ADV-2011-1122

SECTRACK - 1025449

BID - 47609

CISCO - 20110427 Multiple Vulnerabilities in Cisco Unified Communications Manager

SECUNIA - 44331

FULLDISC - 20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability


Last Updated: 27 May 2016 10:56:23