Published: 12/08/2002 Updated: 05/09/2008

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 prior to 3.1(3) allows remote malicious users to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco call manager 3.0
cisco call manager 3.1

The Cisco CallManager, running certain software releases, has a vulnerability wherein a memory leak in the CTI Framework authentication can cause the server to crash and result in a reload This vulnerability can be exploited to initiate a denial of service (DoS) attack This vulnerability is documented as Cisco bug ID CSCdv28302 There a ...

NVD-CWE-Other http://www.securityfocus.com/bid/4370 http://www.iss.net/security_center/static/8655.php http://www.cisco.com/warp/public/707/callmanager-ctifw-leak-pub.shtml https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20020327-cm-ctifw-leak https://www.kb.cert.org/vuls/id/495275

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2002-0505

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect