Vulnerabilities > CVE-2012-0383 - Resource Management Errors vulnerability in Cisco IOS 12.4/15.0/15.1
Attack vector
UNKNOWN Attack complexity
UNKNOWN Privileges required
UNKNOWN Confidentiality impact
UNKNOWN Integrity impact
UNKNOWN Availability impact
UNKNOWN Summary
Memory leak in the NAT feature in Cisco IOS 12.4, 15.0, and 15.1 allows remote attackers to cause a denial of service (memory consumption, and device hang or reload) via SIP packets that require translation, related to a "memory starvation vulnerability," aka Bug ID CSCti35326.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| OS | 3 |
Common Weakness Enumeration (CWE)
Nessus
| NASL family | CISCO |
| NASL id | CISCO-SA-20120328-NAT.NASL |
| description | The Cisco IOS Software Network Address Translation (NAT) feature contains a denial of service (DoS) vulnerability in the translation of Session Initiation Protocol (SIP) packets. The vulnerability is caused when packets in transit on the vulnerable device require translation on the SIP payload. Cisco has released free software updates that address this vulnerability. A workaround that mitigates the vulnerability is available. |
| last seen | 2019-10-28 |
| modified | 2012-04-02 |
| plugin id | 58569 |
| published | 2012-04-02 |
| reporter | This script is Copyright (C) 2012-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/58569 |
| title | Cisco IOS Software Network Address Translation Vulnerability (cisco-sa-20120328-nat) |
References
- http://osvdb.org/80701
- http://secunia.com/advisories/48515
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat
- http://www.securityfocus.com/bid/52758
- http://www.securitytracker.com/id?1026864
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74432
- http://osvdb.org/80701
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74432
- http://www.securitytracker.com/id?1026864
- http://www.securityfocus.com/bid/52758
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat
- http://secunia.com/advisories/48515