Cisco IOS SIP Packet DoS (Bug ID CSCdz39284, CSCdz41124)

High Nessus Network Monitor Plugin ID 2250

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

It is possible to make the remote IOS crash by sending malformed SIP packets. These vulnerabilities are documented as CISCO bug id CSCdz39284 and CSCdz41124.

Solution

http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml

Plugin Details

Severity: High

ID: 2250

File Name: 2250.prm

Family: SNMP

Published: 2004/09/03

Modified: 2016/12/12

Nessus ID: 11380

Risk Information

Risk Factor: High

CVSSv2

Base Score: 7.5

Temporal Score: 6.2

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 7.3

Temporal Score: 6.8

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Reference Information

CVE: CVE-2003-1108, CVE-2003-1109, CVE-2003-1110, CVE-2003-1111, CVE-2003-1112, CVE-2003-1113, CVE-2003-1114, CVE-2003-1115

BID: 6904