CERT-MU Vulnerability Note VN-2009-25
Cisco Unified Communications Manager SIP Denial of Service Vulnerability
Original Issue Date: October 7, 2009
Severity Rating: Medium
Affected Software
- Cisco Unified Communications Manager versions prior to 5.1(3g)
- Cisco Unified Communications Manager versions prior to 6.1(4)
- Cisco Unified Communications Manager versions prior to 7.0(2a)su1
- Cisco Unified Communications Manager versions prior to 7.1(2)
Overview
Cisco Unified Communications Manager contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service condition.
Description
This vulnerability is due to errors in processing malformed SIP messages. An unauthenticated, remote attacker could exploit this vulnerability by sending specially crafted SIP messages to the vulnerable system. When processed, the messages could trigger an error condition that could result in the failure and restart of the Cisco Unified Communications Manager service, causing a denial of service (DoS) condition.
Solution
Upgrade to Cisco Unified Communications Manager version 5.1(3g), 6.1(4), 7.0(2a)su1 or 7.1(2), as suggested by the vendor:
http://www.cisco.com/public/sw-center/sw-usingswc.shtml
Vendor Information
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090923-cm.shtml
CVE Name
CVE-2009-2864
References
CISCO
http://www.cisco.com/warp/public/707/cisco-sa-20090923-cm.shtml
VUPEN
http://www.vupen.com/english/advisories/2009/2757
Secunia
http://secunia.com/advisories/36836/
SecurityFocus
http://www.securityfocus.com/bid/36496/
SecurityTracker
http://securitytracker.com/alerts/2009/Sep/1022931.html
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.