CERT-MU Vulnerability Note VN-2009-11
Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability
Original Issue Date: April 09, 2009
Severity Rating: High
Systems Affected
- Cisco IOS 12.0 through 12.4, when enabled for SIP
Overview
A vulnerability exists in the Session Initiation Protocol (SIP) implementation in Cisco IOS Software that can be exploited remotely to cause a denial of service condition.
Description
This vulnerability exists due to improper handling of Session Initiation Protocol (SIP) messages. An unauthenticated, remote attacker could exploit this vulnerability by sending a specially crafted SIP message to cause a reload. Repeated attempts could result in a persistent denial of service (DoS) condition.
Workarounds
- Allow connections only from legitimate devices
- Use anti-spoofing methods in the network
Solution
Apply the appropriate fixed versions as mentioned in the Cisco Security Advisory: http://www.cisco.com/warp/public/707/cisco-sa-20090325-sip.shtml
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.
Vendor Information
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090325-sip.shtml
CVE Name
CVE-2009-0636
References
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090325-sip.shtml
http://tools.cisco.com/security/center/viewAlert.x?alertId=17761
Security Focus
http://www.securityfocus.com/bid/34243
Security Tracker
http://securitytracker.com/id?1021902
Secunia
http://secunia.com/advisories/34438