ID CVE-2003-1109
Summary The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.
References
Vulnerable Configurations
  • Cisco IOS 12.2 (1)XA
    cpe:2.3:o:cisco:ios:12.2%281%29xa
  • Cisco IOS 12.2 (1)XD
    cpe:2.3:o:cisco:ios:12.2%281%29xd
  • Cisco IOS 12.2 (1)XD1
    cpe:2.3:o:cisco:ios:12.2%281%29xd1
  • Cisco IOS 12.2 (1)XD3
    cpe:2.3:o:cisco:ios:12.2%281%29xd3
  • Cisco IOS 12.2 (1)XD4
    cpe:2.3:o:cisco:ios:12.2%281%29xd4
  • Cisco IOS 12.2 (1)XE
    cpe:2.3:o:cisco:ios:12.2%281%29xe
  • Cisco IOS 12.2 (1)XE2
    cpe:2.3:o:cisco:ios:12.2%281%29xe2
  • Cisco IOS 12.2 (1)XE3
    cpe:2.3:o:cisco:ios:12.2%281%29xe3
  • Cisco IOS 12.2 (1)XH
    cpe:2.3:o:cisco:ios:12.2%281%29xh
  • Cisco IOS 12.2 (1)XQ
    cpe:2.3:o:cisco:ios:12.2%281%29xq
  • Cisco IOS 12.2 (1)XS
    cpe:2.3:o:cisco:ios:12.2%281%29xs
  • Cisco IOS 12.2 (1)XS1
    cpe:2.3:o:cisco:ios:12.2%281%29xs1
  • Cisco IOS 12.2 (2)T4
    cpe:2.3:o:cisco:ios:12.2%282%29t4
  • Cisco IOS 12.2 (2)XA
    cpe:2.3:o:cisco:ios:12.2%282%29xa
  • Cisco IOS 12.2 (2)XA1
    cpe:2.3:o:cisco:ios:12.2%282%29xa1
  • Cisco IOS 12.2 (2)XA5
    cpe:2.3:o:cisco:ios:12.2%282%29xa5
  • Cisco IOS 12.2 (2)XB
    cpe:2.3:o:cisco:ios:12.2%282%29xb
  • Cisco IOS 12.2 (2)XB3
    cpe:2.3:o:cisco:ios:12.2%282%29xb3
  • Cisco IOS 12.2 (2)XB4
    cpe:2.3:o:cisco:ios:12.2%282%29xb4
  • Cisco IOS 12.2 (2)XF
    cpe:2.3:o:cisco:ios:12.2%282%29xf
  • Cisco IOS 12.2 (2)XG
    cpe:2.3:o:cisco:ios:12.2%282%29xg
  • Cisco IOS 12.2 (2)XH
    cpe:2.3:o:cisco:ios:12.2%282%29xh
  • Cisco IOS 12.2 (2)XH2
    cpe:2.3:o:cisco:ios:12.2%282%29xh2
  • Cisco IOS 12.2 (2)XH3
    cpe:2.3:o:cisco:ios:12.2%282%29xh3
  • Cisco IOS 12.2 (2)XI
    cpe:2.3:o:cisco:ios:12.2%282%29xi
  • Cisco IOS 12.2 (2)XI1
    cpe:2.3:o:cisco:ios:12.2%282%29xi1
  • Cisco IOS 12.2 (2)XI2
    cpe:2.3:o:cisco:ios:12.2%282%29xi2
  • Cisco IOS 12.2 (2)XJ
    cpe:2.3:o:cisco:ios:12.2%282%29xj
  • Cisco IOS 12.2 (2)XJ1
    cpe:2.3:o:cisco:ios:12.2%282%29xj1
  • Cisco IOS 12.2 (2)XK
    cpe:2.3:o:cisco:ios:12.2%282%29xk
  • Cisco IOS 12.2 (2)XK2
    cpe:2.3:o:cisco:ios:12.2%282%29xk2
  • Cisco IOS 12.2 (2)XN
    cpe:2.3:o:cisco:ios:12.2%282%29xn
  • Cisco IOS 12.2 (2)XT
    cpe:2.3:o:cisco:ios:12.2%282%29xt
  • Cisco IOS 12.2 (2)XT3
    cpe:2.3:o:cisco:ios:12.2%282%29xt3
  • Cisco IOS 12.2 (2)XU
    cpe:2.3:o:cisco:ios:12.2%282%29xu
  • Cisco IOS 12.2 (2)XU2
    cpe:2.3:o:cisco:ios:12.2%282%29xu2
  • Cisco IOS 12.2 (11)T
    cpe:2.3:o:cisco:ios:12.2%2811%29t
  • Cisco IOS 12.2T
    cpe:2.3:o:cisco:ios:12.2t
  • Cisco IOS 12.2XA
    cpe:2.3:o:cisco:ios:12.2xa
  • Cisco IOS 12.2XB
    cpe:2.3:o:cisco:ios:12.2xb
  • Cisco IOS 12.2XC
    cpe:2.3:o:cisco:ios:12.2xc
  • Cisco IOS 12.2XD
    cpe:2.3:o:cisco:ios:12.2xd
  • Cisco IOS 12.2XE
    cpe:2.3:o:cisco:ios:12.2xe
  • Cisco IOS 12.2XF
    cpe:2.3:o:cisco:ios:12.2xf
  • Cisco IOS 12.2XG
    cpe:2.3:o:cisco:ios:12.2xg
  • Cisco IOS 12.2XH
    cpe:2.3:o:cisco:ios:12.2xh
  • Cisco IOS 12.2XI
    cpe:2.3:o:cisco:ios:12.2xi
  • Cisco IOS 12.2XJ
    cpe:2.3:o:cisco:ios:12.2xj
  • Cisco IOS 12.2XK
    cpe:2.3:o:cisco:ios:12.2xk
  • Cisco IOS 12.2XL
    cpe:2.3:o:cisco:ios:12.2xl
  • Cisco IOS 12.2XM
    cpe:2.3:o:cisco:ios:12.2xm
  • Cisco IOS 12.2XN
    cpe:2.3:o:cisco:ios:12.2xn
  • Cisco IOS 12.2XQ
    cpe:2.3:o:cisco:ios:12.2xq
  • Cisco IOS 12.2XR
    cpe:2.3:o:cisco:ios:12.2xr
  • Cisco IOS 12.2XS
    cpe:2.3:o:cisco:ios:12.2xs
  • Cisco IOS 12.2XT
    cpe:2.3:o:cisco:ios:12.2xt
  • Cisco IOS 12.2XW
    cpe:2.3:o:cisco:ios:12.2xw
  • Cisco IP Phone 7940
    cpe:2.3:h:cisco:ip_phone_7940
  • Cisco IP Phone 7960
    cpe:2.3:h:cisco:ip_phone_7960
  • Cisco PIX Firewall Software 5.2(1)
    cpe:2.3:o:cisco:pix_firewall_software:5.2%281%29
  • Cisco PIX Firewall Software 5.2 (2)
    cpe:2.3:o:cisco:pix_firewall_software:5.2%282%29
  • Cisco PIX Firewall Software 5.2 (3.210)
    cpe:2.3:o:cisco:pix_firewall_software:5.2%283.210%29
  • Cisco PIX Firewall Software 5.2 (5)
    cpe:2.3:o:cisco:pix_firewall_software:5.2%285%29
  • Cisco PIX Firewall Software 5.2 (6)
    cpe:2.3:o:cisco:pix_firewall_software:5.2%286%29
  • Cisco PIX Firewall Software 5.2(7)
    cpe:2.3:o:cisco:pix_firewall_software:5.2%287%29
  • Cisco PIX Firewall Software 5.3
    cpe:2.3:o:cisco:pix_firewall_software:5.3
  • Cisco PIX Firewall Software 5.3(1)
    cpe:2.3:o:cisco:pix_firewall_software:5.3%281%29
  • Cisco PIX Firewall Software 5.3(1.200)
    cpe:2.3:o:cisco:pix_firewall_software:5.3%281.200%29
  • Cisco PIX Firewall Software 5.3(2)
    cpe:2.3:o:cisco:pix_firewall_software:5.3%282%29
  • Cisco PIX Firewall Software 5.3(3)
    cpe:2.3:o:cisco:pix_firewall_software:5.3%283%29
  • Cisco PIX Firewall Software 6.0
    cpe:2.3:o:cisco:pix_firewall_software:6.0
  • Cisco PIX Firewall Software 6.0(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%281%29
  • Cisco PIX Firewall Software 6.0(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.0%282%29
  • Cisco PIX Firewall Software 6.1(2)
    cpe:2.3:o:cisco:pix_firewall_software:6.1%282%29
  • Cisco PIX Firewall Software 6.2(1)
    cpe:2.3:o:cisco:pix_firewall_software:6.2%281%29
CVSS
Base: 7.5 (as of 23-05-2005 - 16:02)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
  • NASL family CISCO
    NASL id CSCDZ39284.NASL
    description It is possible to make the remote IOS crash when sending it malformed SIP packets. These vulnerabilities are documented as CISCO bug id CSCdz39284 and CSCdz41124.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 11380
    published 2003-03-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=11380
    title Cisco SIP Crafted INVITE Message Handling DoS (CSCdz39284, CSCdz41124)
  • NASL family CISCO
    NASL id CISCO-SA-20030221-PROTOSHTTP.NASL
    description Multiple Cisco products contain vulnerabilities in the processing of Session Initiation Protocol (SIP) INVITE messages. These vulnerabilities were identified by the University of Oulu Secure Programming Group (OUSPG) "PROTOS" Test Suite for SIP and can be repeatedly exploited to produce a denial of service.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48969
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48969
    title Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite - Cisco Systems
refmap via4
bid 6904
cert CA-2003-06
cert-vn VU#528719
cisco 20030221 Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite
misc http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/
sectrack
  • 1006143
  • 1006144
  • 1006145
xf sip-invite(11379)
Last major update 05-09-2008 - 16:36
Published 31-12-2003 - 00:00
Last modified 30-10-2018 - 12:26
Back to Top