CVE-2008-1742

Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609.

Affected Software

Name	Vendor	Start Version	End Version
Unified_communications_manager	Cisco	4.1 (including)	4.1 (including)
Unified_communications_manager	Cisco	4.2 (including)	4.2 (including)
Unified_communications_manager	Cisco	4.3 (including)	4.3 (including)
Unified_communications_manager	Cisco	5.1-(1) (including)	5.1-(1) (including)
Unified_communications_manager	Cisco	5.1-(2) (including)	5.1-(2) (including)
Unified_communications_manager	Cisco	5.1-(2a) (including)	5.1-(2a) (including)
Unified_communications_manager	Cisco	5.1-(2b) (including)	5.1-(2b) (including)
Unified_communications_manager	Cisco	5.1-(3a) (including)	5.1-(3a) (including)
Unified_communications_manager	Cisco	6.0 (including)	6.0 (including)
Unified_communications_manager	Cisco	6.0-(1) (including)	6.0-(1) (including)
Unified_communications_manager	Cisco	6.0-(1a) (including)	6.0-(1a) (including)
Unified_communications_manager	Cisco	6.1 (including)	6.1 (including)
Unified_communications_manager	Cisco	6.1-(1a) (including)	6.1-(1a) (including)

NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-1742
CWE	https://cwe.mitre.org/data/definitions/399.html

Affected Software

References