CVE-2009-0619 - Remote Denial Of Service vulnerability in Cisco Session Border Controller 3.0(1)

CVSS 7.8 - HIGH
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: NONE
Integrity impact: NONE
Availability impact: COMPLETE

Summary

Unspecified vulnerability in the Session Border Controller (SBC) before 3.0(2) for Cisco 7600 series routers allows remote attackers to cause a denial of service (SBC card reload) via crafted packets to TCP port 2000.

Vulnerable Configurations

Part         Description  Count
Application  Cisco        1
Hardware     Cisco        1

Seebug

bulletinFamily: exploit

description:

BUGTRAQ ID: 33975
CVE(CAN) ID: CVE-2009-0619

A Session Border Controller (SBC) is a multimedia device located at the network border that controls call admission to that network.

A vulnerability exists in the Cisco SBC: an unauthenticated attacker can cause the Cisco SBC card to reload by sending crafted TCP packets to port 2000. Repeated attacks can result in a sustained denial of service condition.

Cisco Session Border Controller 3.0(1)

Workaround:

* Configure an ACL on the signaling/media VLAN on the RP. The following example shows how VLAN 140 is configured as the signaling/media VLAN.

Cisco SBC configuration

    interface vlan 140
      ip address 10.140.1.90 255.255.255.0
      alias 10.140.1.100 255.255.255.0
      peer ip address 10.140.1.8 255.255.255.0
    !
    ft interface vlan 77
      ip address 192.168.1.1 255.255.255.0
      peer ip address 192.168.1. 255.255.255.0

RP configuration

    !- ACL blocking all TCP port 2000 traffic to the 10.140.1.0 internal network
    !
    access-list 100 deny tcp any host 10.140.1.100 eq 2000
    access-list 100 permit ip any any
    !
    interface Vlan140
     ip address 10.140.1.1 255.255.255.0
    !- ACL is applied to the VLAN interface to egress traffic
     ip access-group 100 out
    !

Vendor patch:

Cisco
-----
Cisco has released a security advisory (cisco-sa-20090304-sbc) and corresponding patches for this issue:

cisco-sa-20090304-sbc: Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability
Link: http://www.cisco.com/warp/public/707/cisco-sa-20090304-sbc.shtml

Patch download:
http://www.cisco.com/pcgi-bin/tablebuild.pl/sbc-7600-crypto

id: SSV:4872
last seen: 2017-11-19
modified: 2009-03-05
published: 2009-03-05
reporter: Root
title: Cisco Session Border Controller Remote Denial of Service Vulnerability