Vulnerabilities > CVE-2009-2866 - Denial of Service vulnerability in Cisco IOS H.323
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104.
Vulnerable Configurations
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20090923-H323HTTP.NASL |
| description | The H.323 implementation in Cisco IOS Software contains a vulnerability that can be exploited remotely to cause a device that is running Cisco IOS Software to reload. Cisco has released free software updates that address this vulnerability. There are no workarounds to mitigate the vulnerability apart from disabling H.323 if the device that is running Cisco IOS Software does not need to run H.323 for VoIP services. |
| last seen | 2019-10-28 |
| modified | 2010-09-01 |
| plugin id | 49042 |
| published | 2010-09-01 |
| reporter | This script is (C) 2010-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/49042 |
| title | Cisco IOS Software H.323 Denial of Service Vulnerability - Cisco Systems |
References
- http://osvdb.org/58337
- http://tools.cisco.com/security/center/viewAlert.x?alertId=18885
- http://www.cisco.com/en/US/products/products_security_advisory09186a0080af811a.shtml
- http://www.securityfocus.com/bid/36494
- http://www.securitytracker.com/id?1022930
- http://www.vupen.com/english/advisories/2009/2759
- https://exchange.xforce.ibmcloud.com/vulnerabilities/53446