Multiple Cisco IOS Session Initiation Protocol Denial of Service Vulnerabilities

This script is (C) 2010-2014 Tenable Network Security, Inc.


Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Multiple vulnerabilities exist in the Session Initiation Protocol (SIP)
implementation in Cisco IOS that can be exploited remotely to trigger a
memory leak or to cause a reload of the IOS device.

Cisco has released free software updates that address these
vulnerabilities. Fixed Cisco IOS software listed in the Software
Versions and Fixes section contains fixes for all vulnerabilities
addressed in this advisory.

There are no workarounds to mitigate the effects of any of the
vulnerabilities apart from disabling the protocol or feature itself,
which is an option only if administrators do not require the Cisco IOS
device to provide voice over IP services.

See also :

http://www.nessus.org/u?82a2f4e3
http://www.nessus.org/u?d2fe5640

Solution :

Apply the relevant patch referenced in Cisco Security Advisory
cisco-sa-20080924-sip.

Risk factor :

High / CVSS Base Score : 7.8
(CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 6.4
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 49025 (cisco-sa-20080924-siphttp.nasl)

Bugtraq ID: 31361

CVE ID: CVE-2008-3799
CVE-2008-3800
CVE-2008-3801
CVE-2008-3802