Details of VAR-201111-0003

ID

VAR-201111-0003

CVE

CVE-2011-0941

TITLE

Cisco Unified Communications Manager and Cisco IOS Memory leak vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2011-002772

DESCRIPTION

Memory leak in Cisco Unified Communications Manager (CUCM) 6.x before 6.1(5)su2, 7.x before 7.1(5b)su3, 8.x before 8.0(3a)su1, and 8.5 before 8.5(1), and Cisco IOS 12.4 and 15.1, allows remote attackers to cause a denial of service (memory consumption and process failure or device reload) via a malformed SIP message, aka Bug IDs CSCti75128 and CSCtj09179. Cisco Unified Communications Manager (CUCM) and Cisco IOS Contains a memory leak vulnerability

Trust: 1.98

sources: NVD: CVE-2011-0941 // JVNDB: JVNDB-2011-002772 // BID: 78594 // VULHUB: VHN-48886

AFFECTED PRODUCTS

vendor:	cisco	model:	ios	scope:	eq	version:	15.1	Trust: 2.7
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 2.7
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.5	Trust: 1.9
vendor:	cisco	model:	unified communications manager 7.1 su1	scope:	-	version:	-	Trust: 1.8
vendor:	cisco	model:	unified communications manager 7.1	scope:	-	version:	-	Trust: 1.8
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5b\)su2	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(1\)	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(2b\)	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3b\)su2	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(3a\)	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(2a\)	Trust: 1.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(2\)	Trust: 1.6
vendor:	cisco	model:	unified communications manager 6.1	scope:	-	version:	-	Trust: 1.5
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0	Trust: 1.3
vendor:	cisco	model:	unified communications manager 8.0	scope:	-	version:	-	Trust: 1.2
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(2\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3a\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(4a\)su2	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0\(2\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5b\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(4a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(4\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3a\)su1a	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(3b\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(4\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5\)su1a	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(3a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(2\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5b\)su1a	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(2b\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(5\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(2a\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(1\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3b\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(1b\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(3b\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(2a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(2c\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(3b\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(1a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0\(1\)su1a	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.0	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0\(2a\)su2	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0\(2c\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(3\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0\(2a\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(2b\)	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0\(2a\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0\(1\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(2\)su1a	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1\(5\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1\(5b\)su1	Trust: 1.0
vendor:	cisco	model:	unified communications manager 7.1 su1a	scope:	-	version:	-	Trust: 0.9
vendor:	cisco	model:	unified operations manager	scope:	eq	version:	7.1(5b)su3	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	lt	version:	8.x	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	lt	version:	8.5	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	eq	version:	8.5(1)	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	eq	version:	8.0(3a)su1	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	lt	version:	7.x	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	eq	version:	6.1(5)su2	Trust: 0.8
vendor:	cisco	model:	unified operations manager	scope:	lt	version:	6.x	Trust: 0.8
vendor:	cisco	model:	unified communications manager 7.0 su1	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	unified communications manager su1	scope:	eq	version:	6.1	Trust: 0.6
vendor:	cisco	model:	unified communications manager 8.0 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0(2)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	8.0(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1(5)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 7.1 su2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.1(3)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 7.0 su2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager 7.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	7.0(2)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 7.0 su1a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(5)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 6.1 su2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager 6.1 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(4)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(3)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 6.1 su1a	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(2)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(1)	Trust: 0.3
vendor:	avg	model:	anti-virus free edition	scope:	eq	version:	7.5.446	Trust: 0.3

sources: BID: 78594 // JVNDB: JVNDB-2011-002772 // CNNVD: CNNVD-201111-001 // NVD: CVE-2011-0941

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2011-0941
value:	HIGH
Trust: 1.0
NVD:	CVE-2011-0941
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-201111-001
value:	HIGH
Trust: 0.6
VULHUB:	VHN-48886
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2011-0941
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.8
VULHUB:	VHN-48886
severity:	HIGH
baseScore:	7.8
vectorString:	AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	COMPLETE
exploitabilityScore:	10.0
impactScore:	6.9
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-48886 // JVNDB: JVNDB-2011-002772 // CNNVD: CNNVD-201111-001 // NVD: CVE-2011-0941

PROBLEMTYPE DATA

problemtype:

CWE-399

Trust: 1.9

sources: VULHUB: VHN-48886 // JVNDB: JVNDB-2011-002772 // NVD: CVE-2011-0941

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201111-001

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201111-001

CONFIGURATIONS

sources: JVNDB: JVNDB-2011-002772

PATCH

title:	cisco-sa-20110928-cucm	url:	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20110928-cucm	Trust: 0.8
title:	24525	url:	http://tools.cisco.com/security/center/viewAlert.x?alertId=24525	Trust: 0.8
title:	cisco-sa-20110928-cucm	url:	http://www.cisco.com/cisco/web/support/JP/110/1108/1108614_cisco-sa-20110928-cucm-j.html	Trust: 0.8

sources: JVNDB: JVNDB-2011-002772

EXTERNAL IDS

db:	NVD	id:	CVE-2011-0941	Trust: 2.8
db:	JVNDB	id:	JVNDB-2011-002772	Trust: 0.8
db:	CISCO	id:	20110928 CISCO UNIFIED COMMUNICATIONS MANAGER MEMORY LEAK VULNERABILITY	Trust: 0.6
db:	CNNVD	id:	CNNVD-201111-001	Trust: 0.6
db:	BID	id:	78594	Trust: 0.4
db:	VULHUB	id:	VHN-48886	Trust: 0.1

sources: VULHUB: VHN-48886 // BID: 78594 // JVNDB: JVNDB-2011-002772 // CNNVD: CNNVD-201111-001 // NVD: CVE-2011-0941

REFERENCES

url:	http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20110928-cucm	Trust: 2.0
url:	http://tools.cisco.com/security/center/viewalert.x?alertid=24525	Trust: 1.4
url:	http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2011-0941	Trust: 0.8
url:	http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2011-0941	Trust: 0.8

sources: VULHUB: VHN-48886 // BID: 78594 // JVNDB: JVNDB-2011-002772 // CNNVD: CNNVD-201111-001 // NVD: CVE-2011-0941

CREDITS

Unknown

Trust: 0.3

sources: BID: 78594

SOURCES

db:	VULHUB	id:	VHN-48886
db:	BID	id:	78594
db:	JVNDB	id:	JVNDB-2011-002772
db:	CNNVD	id:	CNNVD-201111-001
db:	NVD	id:	CVE-2011-0941

LAST UPDATE DATE

2025-04-11T23:10:45.782000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-48886	date:	2012-02-29T00:00:00
db:	BID	id:	78594	date:	2011-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2011-002772	date:	2011-11-10T00:00:00
db:	CNNVD	id:	CNNVD-201111-001	date:	2011-11-02T00:00:00
db:	NVD	id:	CVE-2011-0941	date:	2025-04-11T00:51:21.963

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-48886	date:	2011-11-01T00:00:00
db:	BID	id:	78594	date:	2011-11-01T00:00:00
db:	JVNDB	id:	JVNDB-2011-002772	date:	2011-11-10T00:00:00
db:	CNNVD	id:	CNNVD-201111-001	date:	2011-11-04T00:00:00
db:	NVD	id:	CVE-2011-0941	date:	2011-11-01T19:55:01.587