CVE-2005-2241

Name of the Vulnerable Software and Affected Versions: Cisco CallManager versions 3.2 and earlier Cisco CallManager version 3.3 before 3.3(5) Cisco CallManager version 4.0 before 4.0(2a)SR2b Cisco CallManager version 4.1 before 4.1(3)SR1

Description: The issue results in a resource leak, allowing remote attackers to cause a denial of service by consuming memory and connections in RisDC.exe, due to the failure to quickly time out Realtime Information Server Data Collection sockets.

Recommendations: For Cisco CallManager versions 3.2 and earlier, update to a version later than 3.2 to resolve the issue. For Cisco CallManager version 3.3 before 3.3(5), update to version 3.3(5) or later to resolve the issue. For Cisco CallManager version 4.0 before 4.0(2a)SR2b, update to version 4.0(2a)SR2b or later to resolve the issue. For Cisco CallManager version 4.1 before 4.1(3)SR1, update to version 4.1(3)SR1 or later to resolve the issue.