CVE-2005-2244

Name of the Vulnerable Software and Affected Versions: Cisco CallManager versions 3.2 and earlier Cisco CallManager version 3.3 before 3.3(5) Cisco CallManager version 4.0 before 4.0(2a)SR2b Cisco CallManager version 4.1 before 4.1(3)SR1

Description: The issue allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow in the aupair service (aupair.exe).

Recommendations: For Cisco CallManager version 3.2 and earlier, update to a version later than 3.2. For Cisco CallManager version 3.3 before 3.3(5), update to version 3.3(5) or later. For Cisco CallManager version 4.0 before 4.0(2a)SR2b, update to version 4.0(2a)SR2b or later. For Cisco CallManager version 4.1 before 4.1(3)SR1, update to version 4.1(3)SR1 or later.