CVE-2009-1165

Loading...

General

Score:7.8/10.0
Severity:High
Category:Resource Management Error
Exploit:Available

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Complete

Exploitability Metrics

Access Vector:Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2009-1164, CVE-2009-1166, CVE-2009-1167

Published on 29/07/09 - Updated on 07/08/09

Description

Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789.

Category: Resource Management Error

CWE-399 (Resource Management Errors)
Weaknesses in this category are related to improper management of system resources.

Security Notices

US National Vulnerability DatabaseCVE-2009-1165
Agence Nationale de la Sécurité des Systèmes d'Information CERTA-2009-AVI-301
Renater 2009/VULN295

Exploits

SecurityFocusBID-35817

Relative technologies

VendorProduct
ciscocatalyst_3750g
ciscocisco_1500_wireless_lan_controller
ciscocisco_2000_wireless_lan_controller
ciscocisco_2100_wireless_lan_controller
ciscocisco_4100_wireless_lan_controller
ciscocisco_4200_wireless_lan_controller
ciscocisco_4400_wireless_lan_controller

Share this vulnerability with:

Twitter Facebook LinkedIn Mail