PT-2020-1974 · Cisco · Cisco Ios

Published

2020-02-12

Updated

2020-03-02

CVE-2011-4661

CVSS v2.0

7.1

High

Vector

AV:N/AC:M/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Cisco IOS versions prior to 15.2(1)T

Description A memory leak vulnerability exists in the HTTP PROXY Server process of Cisco IOS, potentially allowing a remote attacker to cause a denial of service. This issue arises when Cisco IOS is configured with Cisco ISR Web Security, Cisco ScanSafe, and User Authentication NTLM.

Recommendations For versions prior to 15.2(1)T, update to version 15.2(1)T or later to resolve the issue. As a temporary workaround, consider disabling the HTTP PROXY Server process until a patch is available. Restrict access to the HTTP PROXY Server to minimize the risk of exploitation. Avoid using NTLM authentication in the affected configuration until the issue is resolved.

Fix

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772

Related Identifiers

BDU:2020-01273

CVE-2011-4661

Affected Products

Cisco Ios

PT-2020-1974 · Cisco · Cisco Ios

CVE-2011-4661

Weakness Enumeration

Related Identifiers

Affected Products

References · 5