Vulnerabilities > CVE-2007-0648 - Remote Denial Of Service vulnerability in Cisco IOS SIP Packet Handling
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
Vulnerable Configurations
Nessus
NASL family CISCO NASL id CISCO-SA-20070131-SIPHTTP.NASL description Cisco devices running an affected version of Internetwork Operating System (IOS) which supports Session Initiation Protocol (SIP) are affected by a vulnerability that may lead to a reload of the device when receiving a specific series of packets destined to port 5060. This issue is compounded by a related bug which allows traffic to TCP 5060 and UDP port 5060 on devices not configured for SIP. There are no known instances of intentional exploitation of this issue. However, Cisco has observed data streams that appear to be unintentionally triggering the vulnerability. Workarounds exist to mitigate the effects of this problem on devices which do not require SIP. last seen 2019-10-28 modified 2010-09-01 plugin id 48999 published 2010-09-01 reporter This script is (C) 2010-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/48999 title SIP Packets Reload IOS Devices with support for SIP NASL family CISCO NASL id CSCSH58082.NASL description The remote version of IOS contains a flaw that could cause the remote router to crash when it receives a malicious SIP (Session Initiation Protocol) packet. An attacker might use these flaws to disable this device remotely. last seen 2020-06-01 modified 2020-06-02 plugin id 24740 published 2007-03-01 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24740 title Cisco IOS SIP Packet Handling Remote DoS (CSCsh58082)
Oval
| accepted | 2010-06-14T04:00:02.671-04:00 | ||||||||
| class | vulnerability | ||||||||
| contributors |
| ||||||||
| description | Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. | ||||||||
| family | ios | ||||||||
| id | oval:org.mitre.oval:def:5138 | ||||||||
| status | accepted | ||||||||
| submitted | 2008-05-26T11:06:36.000-04:00 | ||||||||
| title | Cisco IOS Device SIP Support DoS Vulnerability | ||||||||
| version | 6 |
References
- http://secunia.com/advisories/23978
- http://securitytracker.com/id?1017575
- http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml
- http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml
- http://www.kb.cert.org/vuls/id/438176
- http://www.securityfocus.com/bid/22330
- http://www.vupen.com/english/advisories/2007/0428
- https://exchange.xforce.ibmcloud.com/vulnerabilities/31990
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5138