Vulnerabilities > CVE-2009-2867 - Unspecified vulnerability in Cisco IOS

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

nessus

NVD

Published: 2009-09-28

Updated: 2017-09-19

Summary

Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691.

Vulnerable Configurations

Part	Description	Count
OS	Cisco Cisco IOS 12.2Xna Cisco IOS 12.2Xnb Cisco IOS 12.2Xnc Cisco IOS 12.2Xnd Cisco IOS 12.4T Cisco IOS 12.4Xz Cisco IOS 12.4Ya Cisco IOS 12.4Yb	8

Nessus

NASL family	CISCO
NASL id	CISCO-SA-20090923-IOS-FWHTTP.NASL
description	Cisco IOS devices that are configured with Cisco IOS Zone-Based Policy Firewall Session Initiation Protocol (SIP) inspection are vulnerable to denial of service (DoS) attacks when processing a specific SIP transit packet. Exploitation of the vulnerability could result in a reload of the affected device. Cisco has released free software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available.
last seen	2019-10-28
modified	2010-09-01
plugin id	49043
published	2010-09-01
reporter	This script is (C) 2010-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/49043
title	Cisco IOS Software Zone-Based Policy Firewall Vulnerability - Cisco Systems

Oval

accepted

2013-04-22T04:00:15.726-04:00

class

vulnerability

contributors

name KASHIF LATIF
organization DTCC
name Shane Shaffer
organization G2, Inc.

description

family

ios

oval:org.mitre.oval:def:7254

status

accepted

submitted

2010-05-13T12:00:00.000-04:00

title

Cisco IOS zone based sip inspection vulnerability

version

Summary

Vulnerable Configurations

Nessus

Oval

References