ID CVE-2005-0186
Summary Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.
References
Vulnerable Configurations
  • cpe:2.3:o:cisco:ios:12.1yd:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.1yd:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.2t:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.3:*:*:*:*:*:*:*
  • cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*
    cpe:2.3:o:cisco:ios:12.3t:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 11-10-2017 - 01:29)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
oval via4
accepted 2010-05-31T04:00:06.154-04:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name Ronald Jones
    organization DTCC
  • name Ronald Jones
    organization DTCC
description Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.
family ios
id oval:org.mitre.oval:def:4849
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco Systems IOS Skinny Call Control Protocol Handler Denial of Service Vulnerability
version 5
refmap via4
cisco 20050119 Vulnerability in Cisco IOS Embedded Call Processing Solutions
sectrack 1012945
secunia 13913
xf cisco-ios-sccp-dos(18956)
Last major update 11-10-2017 - 01:29
Published 19-01-2005 - 05:00
Last modified 11-10-2017 - 01:29
Back to Top