Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities (cisco-sa-20100324-sip)

This script is Copyright (C) 2010-2014 Tenable Network Security, Inc.

Synopsis :

The remote device is missing a vendor-supplied security patch.

Description :

Multiple vulnerabilities exist in the Session Initiation Protocol
(SIP) implementation in Cisco IOS Software that could allow an
unauthenticated, remote attacker to cause a reload of an affected
device when SIP operation is enabled. Remote code execution may also
be possible. Cisco has released free software updates that address
these vulnerabilities. For devices that must run SIP there are no
workarounds; however, mitigations are available to limit exposure of
the vulnerabilities.

See also :

Solution :

Apply the relevant patch referenced in Cisco Security Advisory

Risk factor :

Critical / CVSS Base Score : 10.0

Family: CISCO

Nessus Plugin ID: 49054 (cisco-sa-20100324-siphttp.nasl)

Bugtraq ID:

CVE ID: CVE-2010-0579

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now