Vulnerabilities > CVE-2011-2577 - Remote Denial of Service vulnerability in Cisco TelePresence Codecs SIP Packet

CVSS 7.8 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

low complexity

cisco

nessus

exploit available

NVD

Published: 2011-08-31

Updated: 2018-10-09

Summary

Unspecified vulnerability in Cisco TelePresence C Series Endpoints, E/EX Personal Video units, and MXP Series Codecs, when using software versions before TC 4.0.0 or F9.1, allows remote attackers to cause a denial of service (crash) via a crafted SIP packet to port 5060 or 5061, aka Bug ID CSCtq46500.

Vulnerable Configurations

Part	Description	Count
Hardware	Cisco Cisco Telepresence Codec C40 * Cisco Telepresence Codec C60 * Cisco Telepresence Codec C90 * Cisco Telepresence Ex60 * Cisco Telepresence Ex90 * Cisco Telepresence 6000 MXP * Cisco Telepresence 9000 MXP * Cisco Telepresence E20 *	8
Application	Cisco Cisco Telepresence C Series Software Tc3.0.0 Cisco Telepresence C Series Software Tc3.1.0 Cisco Telepresence C Series Software Tc3.1.1 Cisco Telepresence C Series Software Tc3.1.2 Cisco Telepresence C Series Software Tc3.1.3 Cisco Telepresence C Series Software * Cisco Telepresence MXP Software F8.2 Cisco Telepresence MXP Software F9.0 Cisco Telepresence MXP Software F9.0.1 Cisco Telepresence MXP Software F9.0.2 Cisco Telepresence E20 Software Te2.2.1	11

Exploit-Db

description	Cisco TelePresence Multiple Vulnerabilities - SOS-11-010. CVE-2011-2543,CVE-2011-2544,CVE-2011-2577. Webapps exploit for hardware platform
file	exploits/hardware/webapps/17871.txt
id	EDB-ID:17871
last seen	2016-02-02
modified	2011-09-19
platform	hardware
port
published	2011-09-19
reporter	Sense of Security
source	https://www.exploit-db.com/download/17871/
title	Cisco TelePresence Multiple Vulnerabilities - SOS-11-010
type	webapps

Nessus

NASL family	CISCO
NASL id	CISCO_TELEPRESENCE_MCU_CVE_2011_2577.NASL
description	According to the self-reported version returned by the SNMP service on the remote device, it is affected by a denial of service vulnerability that can be triggered by sending a specially crafted SIP packet.
last seen	2020-06-01
modified	2020-06-02
plugin id	69047
published	2013-07-24
reporter	This script is Copyright (C) 2013-2018 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/69047
title	Cisco TelePresence Codecs DoS
code	# # (C) Tenable Network Security, Inc. # include("compat.inc"); if (description) { script_id(69047); script_version("1.7"); script_cvs_date("Date: 2018/11/15 20:50:20"); script_cve_id("CVE-2011-2577"); script_bugtraq_id(49392); script_name(english:"Cisco TelePresence Codecs DoS"); script_summary(english:"Checks software version"); script_set_attribute( attribute:"synopsis", value:"The remote device is affected by a denial of service vulnerability." ); script_set_attribute( attribute:"description", value: "According to the self-reported version returned by the SNMP service on the remote device, it is affected by a denial of service vulnerability that can be triggered by sending a specially crafted SIP packet." ); script_set_attribute(attribute:"see_also", value:"https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-20110831-tandberg.html"); script_set_attribute(attribute:"solution", value:"Upgrade to the appropriate software version per the vendor's advisory."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C"); script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C"); script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available"); script_set_attribute(attribute:"exploit_available", value:"true"); script_set_attribute(attribute:"vuln_publication_date", value:"2011/08/31"); script_set_attribute(attribute:"patch_publication_date", value:"2011/08/31"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/07/24"); script_set_attribute(attribute:"plugin_type", value:"remote"); script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_e20"); script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_mxp_software"); script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_9000_mxp"); script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_6000_mxp"); script_set_attribute(attribute:"cpe", value:"cpe:/a:cisco:telepresence_c_series_software"); script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_codec_c40"); script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_codec_c60"); script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_codec_c90"); script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_ex90"); script_set_attribute(attribute:"cpe", value:"cpe:/h:cisco:telepresence_ex60"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_family(english:"CISCO"); script_copyright(english:"This script is Copyright (C) 2013-2018 Tenable Network Security, Inc."); script_dependencies("cisco_telepresence_mcu_detect.nasl"); script_require_keys("Cisco/TelePresence_MCU/Version"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("misc_func.inc"); device = get_kb_item_or_exit("Cisco/TelePresence_MCU/Device"); version = get_kb_item_or_exit("Cisco/TelePresence_MCU/Version"); # Affected devices if ( device !~ " 6000MXP($\|[ \n\r])" && device !~ " 3000MXP($\|[ \n\r])" && device !~ " 2000MXP($\|[ \n\r])" && device !~ " 1700MXP($\|[ \n\r])" && device !~ " 1000MXP($\|[ \n\r])" && device !~ " 990MXP($\|[ \n\r])" && device !~ " 880MXP($\|[ \n\r])" && device !~ " 770MXP($\|[ \n\r])" && device !~ " 550MXP($\|[ \n\r])" && device !~ " Edge 75MXP($\|[ \n\r])" && device !~ " Edge 85MXP($\|[ \n\r])" && device !~ " Edge 95MXP($\|[ \n\r])" && device !~ " C20($\|[ \n\r])" && device !~ " C40($\|[ \n\r])" && device !~ " C60($\|[ \n\r])" && device !~ " C90($\|[ \n\r])" && device !~ " EX60($\|[ \n\r])" && device !~ " EX90($\|[ \n\r])") exit(0, "The remote TelePresence Device is not affected."); # check for affected versions fix = ''; item = eregmatch(pattern: "^TC([0-9.]+)", string: version); if ( !isnull(item) && ver_compare(ver:item[1], fix:"4.0.0", strict:FALSE) == -1 ) { version = item[0]; fix = "TC4.0.0"; } else { item = eregmatch(pattern: "^F([0-9.]+)", string: version); if ( !isnull(item) && ver_compare(ver:item[1], fix:"9.1", strict:FALSE) == -1 ) { version = item[0]; fix = "F9.1"; } } if (fix != '') { if (report_verbosity > 0) { report = '\n Detected version : ' + version + '\n Fixed version : ' + fix + '\n'; security_hole(port:0, extra:report); } else security_hole(0); } else audit(AUDIT_INST_VER_NOT_VULN, "Cisco TelePresence Codecs", version);

Packetstorm

data source	https://packetstormsecurity.com/files/download/105229/SOS-11-010.txt
id	PACKETSTORM:105229
last seen	2016-12-05
published	2011-09-19
reporter	Packet Storm
source	https://packetstormsecurity.com/files/105229/Cisco-TelePresence-Cookie-Theft-Impersonation-Code-Execution.html
title	Cisco TelePresence Cookie Theft / Impersonation / Code Execution

Seebug

bulletinFamily	exploit
description	No description provided by source.
id	SSV:72141
last seen	2017-11-19
modified	2014-07-01
published	2014-07-01
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-72141
title	Cisco TelePresence Multiple Vulnerabilities - SOS-11-010

Summary

Vulnerable Configurations

Exploit-Db

Nessus

Packetstorm

Seebug

References