Cisco TelePresence DSP Card Crafted RTP Packet H.264 Bit Stream Handling DoS

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote host is affected by a denial of service vulnerability.

Description :

According the self-reported version of the remote Cisco TelePresence
MCU or MCU MSE device, it is affected by a denial of service
vulnerability due to a flaw in the DSP card on these devices that can be
triggered by sending specially crafted RTP packets.

See also :

http://www.nessus.org/u?da092f32

Solution :

Upgrade the software on the device to version 4.3(2.30) or higher.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: CISCO

Nessus Plugin ID: 70079 ()

Bugtraq ID: 59272

CVE ID: CVE-2013-1176