Memory Leak Vulnerability in Cisco CallManager Affects Multiple Versions
CVE-2005-2243

Currently unrated

Key Information:

Vendor: Cisco
Status: Call Manager
Vendor: CVE Published:; 12 July 2005

What is CVE-2005-2243?

The memory leak vulnerability in Cisco CallManager's inetinfo.exe component arises when Multi Level Admin (MLA) functionality is enabled. Attackers can exploit this flaw by attempting a large number of failed logins through the Admin Service Tool (AST), resulting in excessive memory consumption. This can lead to service disruption as legitimate users may be unable to access the system.

References

http://www.cisco.com/warp/public/707/cisco-sa-20050712-cc...

vendor-advisoryx_refsource_CISCO

http://www.securityfocus.com/bid/14253

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 12, 2005
Vulnerability Reserved
Jul 12, 2005