ID CVE-2007-0648
Summary Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
References
Vulnerable Configurations
  • Cisco IOS 12.3 (14)T
    cpe:2.3:o:cisco:ios:12.3%2814%29t
  • Cisco IOS 12.3 (14)T2
    cpe:2.3:o:cisco:ios:12.3%2814%29t2
  • Cisco IOS 12.3 (14)T4
    cpe:2.3:o:cisco:ios:12.3%2814%29t4
  • Cisco IOS 12.3 (14)T5
    cpe:2.3:o:cisco:ios:12.3%2814%29t5
  • Cisco IOS 12.3YG
    cpe:2.3:o:cisco:ios:12.3yg
  • Cisco IOS 12.3YK
    cpe:2.3:o:cisco:ios:12.3yk
  • Cisco IOS 12.3YM
    cpe:2.3:o:cisco:ios:12.3ym
  • Cisco IOS 12.3YQ
    cpe:2.3:o:cisco:ios:12.3yq
  • Cisco IOS 12.3YT
    cpe:2.3:o:cisco:ios:12.3yt
  • Cisco IOS 12.3YU
    cpe:2.3:o:cisco:ios:12.3yu
  • Cisco IOS 12.3YX
    cpe:2.3:o:cisco:ios:12.3yx
  • Cisco IOS 12.4
    cpe:2.3:o:cisco:ios:12.4
  • Cisco IOS 12.4 (1)
    cpe:2.3:o:cisco:ios:12.4%281%29
  • Cisco IOS 12.4 (1b)
    cpe:2.3:o:cisco:ios:12.4%281b%29
  • Cisco IOS 12.4 (1c)
    cpe:2.3:o:cisco:ios:12.4%281c%29
  • Cisco IOS 12.4 (2)MR
    cpe:2.3:o:cisco:ios:12.4%282%29mr
  • Cisco IOS 12.4 (2)MR1
    cpe:2.3:o:cisco:ios:12.4%282%29mr1
  • Cisco IOS 12.4 (2)T
    cpe:2.3:o:cisco:ios:12.4%282%29t
  • Cisco IOS 12.4 (2)T1
    cpe:2.3:o:cisco:ios:12.4%282%29t1
  • Cisco IOS 12.4 (2)T2
    cpe:2.3:o:cisco:ios:12.4%282%29t2
  • Cisco IOS 12.4 (2)T3
    cpe:2.3:o:cisco:ios:12.4%282%29t3
  • Cisco IOS 12.4(2)T4
    cpe:2.3:o:cisco:ios:12.4%282%29t4
  • Cisco IOS 12.4 (2)XA
    cpe:2.3:o:cisco:ios:12.4%282%29xa
  • Cisco IOS 12.4 (2)XB
    cpe:2.3:o:cisco:ios:12.4%282%29xb
  • Cisco IOS 12.4(2)XB2
    cpe:2.3:o:cisco:ios:12.4%282%29xb2
  • Cisco IOS 12.4 (3)
    cpe:2.3:o:cisco:ios:12.4%283%29
  • Cisco IOS 12.4(3)T2
    cpe:2.3:o:cisco:ios:12.4%283%29t2
  • Cisco IOS 12.4 (3a)
    cpe:2.3:o:cisco:ios:12.4%283a%29
  • Cisco IOS 12.4 (3b)
    cpe:2.3:o:cisco:ios:12.4%283b%29
  • Cisco IOS 12.4(3d)
    cpe:2.3:o:cisco:ios:12.4%283d%29
  • Cisco IOS 12.4(4)MR
    cpe:2.3:o:cisco:ios:12.4%284%29mr
  • Cisco IOS 12.4 (4)T
    cpe:2.3:o:cisco:ios:12.4%284%29t
  • Cisco IOS 12.4(4)T2
    cpe:2.3:o:cisco:ios:12.4%284%29t2
  • Cisco IOS 12.4 (5)
    cpe:2.3:o:cisco:ios:12.4%285%29
  • Cisco IOS 12.4(5b)
    cpe:2.3:o:cisco:ios:12.4%285b%29
  • Cisco IOS 12.4(6)T
    cpe:2.3:o:cisco:ios:12.4%286%29t
  • Cisco IOS 12.4(6)T1
    cpe:2.3:o:cisco:ios:12.4%286%29t1
  • Cisco IOS 12.4(7)
    cpe:2.3:o:cisco:ios:12.4%287%29
  • Cisco IOS 12.4(7a)
    cpe:2.3:o:cisco:ios:12.4%287a%29
  • Cisco IOS 12.4(8)
    cpe:2.3:o:cisco:ios:12.4%288%29
  • Cisco IOS 12.4(9)T
    cpe:2.3:o:cisco:ios:12.4%289%29t
  • Cisco IOS 12.4MR
    cpe:2.3:o:cisco:ios:12.4mr
  • Cisco IOS 12.4SW
    cpe:2.3:o:cisco:ios:12.4sw
  • Cisco IOS 12.4T
    cpe:2.3:o:cisco:ios:12.4t
  • Cisco IOS 12.4XA
    cpe:2.3:o:cisco:ios:12.4xa
  • Cisco IOS 12.4XB
    cpe:2.3:o:cisco:ios:12.4xb
  • Cisco IOS 12.4XC
    cpe:2.3:o:cisco:ios:12.4xc
  • Cisco IOS 12.4XD
    cpe:2.3:o:cisco:ios:12.4xd
  • Cisco IOS 12.4XE
    cpe:2.3:o:cisco:ios:12.4xe
  • Cisco IOS 12.4XG
    cpe:2.3:o:cisco:ios:12.4xg
  • Cisco IOS 12.4XJ
    cpe:2.3:o:cisco:ios:12.4xj
  • Cisco IOS 12.4XP
    cpe:2.3:o:cisco:ios:12.4xp
  • Cisco IOS 12.4XT
    cpe:2.3:o:cisco:ios:12.4xt
CVSS
Base: 7.8 (as of 01-02-2007 - 15:13)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
nessus via4
  • NASL family CISCO
    NASL id CISCO-SA-20070131-SIPHTTP.NASL
    description Cisco devices running an affected version of Internetwork Operating System (IOS) which supports Session Initiation Protocol (SIP) are affected by a vulnerability that may lead to a reload of the device when receiving a specific series of packets destined to port 5060. This issue is compounded by a related bug which allows traffic to TCP 5060 and UDP port 5060 on devices not configured for SIP. There are no known instances of intentional exploitation of this issue. However, Cisco has observed data streams that appear to be unintentionally triggering the vulnerability. Workarounds exist to mitigate the effects of this problem on devices which do not require SIP.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 48999
    published 2010-09-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=48999
    title SIP Packets Reload IOS Devices with support for SIP
  • NASL family CISCO
    NASL id CSCSH58082.NASL
    description The remote version of IOS contains a flaw that could cause the remote router to crash when it receives a malicious SIP (Session Initiation Protocol) packet. An attacker might use these flaws to disable this device remotely.
    last seen 2019-02-21
    modified 2018-06-27
    plugin id 24740
    published 2007-03-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=24740
    title Cisco IOS SIP Packet Handling Remote DoS (CSCsh58082)
oval via4
accepted 2010-06-14T04:00:02.671-04:00
class vulnerability
contributors
  • name Yuzheng Zhou
    organization Hewlett-Packard
  • name KASHIF LATIF
    organization DTCC
description Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.
family ios
id oval:org.mitre.oval:def:5138
status accepted
submitted 2008-05-26T11:06:36.000-04:00
title Cisco IOS Device SIP Support DoS Vulnerability
version 6
refmap via4
bid 22330
cert-vn VU#438176
cisco 20070131 SIP Packet Reloads IOS Devices Not Configured for SIP
confirm http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml
sectrack 1017575
secunia 23978
vupen ADV-2007-0428
xf cisco-sip-packet-dos(31990)
Last major update 07-03-2011 - 21:50
Published 31-01-2007 - 20:28
Last modified 10-10-2017 - 21:31
Back to Top