Cisco IOS SCCP Control Protocol Malformed Message DoS (CSCee08584)

This script is (C) 2005-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch

Description :

The remote router contains a version of IOS which has flaw in its telephony
service.

If the remote router is configured for ITS, CME or SRST, then an attacker
may send malformed TCP queries to the remote host resulting in a reboot
of the router.

CISCO identifies this vulnerability as bug id CSCee08584

Solution :

http://www.cisco.com/en/US/products/products_security_advisory09186a00803b3fff.shtml

Risk factor :

Medium / CVSS Base Score : 5.0
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P)
CVSS Temporal Score : 4.0
(CVSS2#E:U/RL:W/RC:C)
Public Exploit Available : false

Family: CISCO

Nessus Plugin ID: 16217 (CSCee08584.nasl)

Bugtraq ID: 12307

CVE ID: CVE-2005-0186