Vulnerabilities > CVE-2010-0604 - Denial of Service vulnerability in Cisco PGW 2200 Softswitch 9.7(3)S/9.7(3)S9
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
COMPLETE Summary
Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Hardware | 2 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 40117,40120,40121,40122,40123,40124,40125,40126,40128 CVE(CAN) ID: CVE-2010-0601,CVE-2010-0602,CVE-2010-0603,CVE-2010-0604,CVE-2010-1561,CVE-2010-1562,CVE-2010-1563,CVE-2010-1567,CVE-2010-1565 PGW 2200是运营商级的软件交换机,可在NGN和IMS基础架构中用于执行呼叫控制。 PGW 2200软件交换机的SIP实现和MGCP实现中存在多个拒绝服务漏洞,远程攻击者可以通过发送畸形SIP或MGCP报文导致设备崩溃,或导致无法接受或创建新的TCP连接。 Cisco PGW 2200 Softswitch 9.8 Cisco PGW 2200 Softswitch 9.7 厂商补丁: Cisco ----- Cisco已经为此发布了一个安全公告(cisco-sa-20100512-pgw)以及相应补丁: cisco-sa-20100512-pgw:Multiple vulnerabilities in Cisco PGW Softswitch 链接:http://www.cisco.com/warp/public/707/cisco-sa-20100512-pgw.shtml |
id | SSV:19634 |
last seen | 2017-11-19 |
modified | 2010-05-16 |
published | 2010-05-16 |
reporter | Root |
title | Cisco PGW Softswitch产品SIP和MGCP报文处理拒绝服务漏洞 |