CVE-2011-0941

Name of the Vulnerable Software and Affected Versions Cisco Unified Communications Manager (CUCM) versions 6.x through 6.1(5) before su2 Cisco Unified Communications Manager (CUCM) versions 7.x through 7.1(5b) before su3 Cisco Unified Communications Manager (CUCM) versions 8.x through 8.0(3a) before su1 Cisco Unified Communications Manager (CUCM) versions 8.5 through 8.5(1) Cisco IOS versions 12.4 and 15.1

Description A memory leak issue allows remote attackers to cause a denial of service, resulting in memory consumption and process failure or device reload, via a malformed SIP message.

Recommendations For Cisco Unified Communications Manager (CUCM) versions 6.x through 6.1(5) before su2, update to version 6.1(5)su2 or later. For Cisco Unified Communications Manager (CUCM) versions 7.x through 7.1(5b) before su3, update to version 7.1(5b)su3 or later. For Cisco Unified Communications Manager (CUCM) versions 8.x through 8.0(3a) before su1, update to version 8.0(3a)su1 or later. For Cisco Unified Communications Manager (CUCM) versions 8.5 through 8.5(1), update to a version later than 8.5(1). For Cisco IOS versions 12.4 and 15.1, consider applying configuration changes to restrict the handling of malformed SIP messages until a patch is available.