Executive Summary
Summary | |
---|---|
Title | Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities |
Informations | |||
---|---|---|---|
Name | cisco-sa-20100324-sip | First vendor Publication | 2009-12-14 |
Vendor | Cisco | Last vendor Modification | 2010-03-24 |
Severity (Vendor) | N/A | Revision | 1.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled. Remote code execution may also be possible. Cisco has released free software updates that address these vulnerabilities. For devices that must run SIP there are no workarounds; however, mitigations are available to limit exposure of the vulnerabilities. |
Original Source
Url : http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml |
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
63185 | Cisco IOS Malformed SIP Message Handling Unspecified Remote Code Execution (C... |
63184 | Cisco IOS Malformed SIP Message Handling Unspecified Remote Code Execution (C... |
63183 | Cisco IOS Malformed SIP Message Handling Unspecified Remote Code Execution (C... |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-09-01 | Name : The remote device is missing a vendor-supplied security patch. File : cisco-sa-20100324-siphttp.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 10:21:58 |
|