Executive Summary

Informations
Name CVE-2009-1165 First vendor Publication 2009-07-29
Vendor Cve Last vendor Modification 2009-08-07

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:C)
Cvss Base Score 7.8 Attack Range Network
Cvss Impact Score 6.9 Attack Complexity Low
Cvss Expoit Score 10 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1165

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-399 Resource Management Errors

CPE : Common Platform Enumeration

TypeDescriptionCount
Hardware 1
Hardware 6
Hardware 6
Hardware 6
Hardware 6
Hardware 6
Hardware 6

Open Source Vulnerability Database (OSVDB)

Id Description
56701 Cisco Wireless LAN Controllers (WLCs) SSH Management Connection Memory Exhaus...

Cisco Wireless LAN Controllers (WLCs) contain a flaw that may allow a remote denial of service. The issue can be triggered via ssh memory leak, and will result in a crash and reload of the device.

Information Assurance Vulnerability Management (IAVM)

Date Description
2009-07-30 IAVM : 2009-T-0044 - Multiple Vulnerabilities in Cisco Wireless LAN Controllers
Severity : Category I - VMSKEY : V0019817

Nessus® Vulnerability Scanner

Date Description
2013-09-25 Name : The remote device is missing a vendor-supplied security update.
File : cisco-sa-20090727-wlc.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

Source Url
BID http://www.securityfocus.com/bid/35817
CISCO http://www.cisco.com/en/US/products/products_security_advisory09186a0080adb3d...
SECTRACK http://www.securitytracker.com/id?1022605
VUPEN http://www.vupen.com/english/advisories/2009/2021

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
Date Informations
2021-05-04 12:09:21
  • Multiple Updates
2021-04-22 01:09:42
  • Multiple Updates
2020-05-23 00:23:34
  • Multiple Updates
2014-02-17 10:49:31
  • Multiple Updates
2013-11-11 12:38:17
  • Multiple Updates
2013-05-10 23:47:53
  • Multiple Updates