CVE-2005-2243

Name of the Vulnerable Software and Affected Versions: Cisco CallManager versions 3.2 and earlier Cisco CallManager version 3.3 before 3.3(5) Cisco CallManager version 4.0 before 4.0(2a)SR2b Cisco CallManager version 4.1 before 4.1(3)SR1

Description: A memory leak in the inetinfo.exe process occurs when the Multi Level Admin (MLA) feature is enabled, allowing remote attackers to cause a denial of service by consuming memory via a large number of failed Admin Service Tool (AST) logins.

Recommendations: For Cisco CallManager versions 3.2 and earlier, update to a version later than 3.2. For Cisco CallManager version 3.3 before 3.3(5), update to version 3.3(5) or later. For Cisco CallManager version 4.0 before 4.0(2a)SR2b, update to version 4.0(2a)SR2b or later. For Cisco CallManager version 4.1 before 4.1(3)SR1, update to version 4.1(3)SR1 or later.