Cisco IOS Telephony SCCP Control DoS (CSCee08584)

Medium Nessus Network Monitor Plugin ID 2548

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote router contains a version of IOS that has flaw in its telephony
service.

If the remote router is configured for ITS, CME or SRST, then an attacker

may send malformed TCP queries to the remote host resulting in a reboot

of the router.
CISCO identifies this vulnerability as Bug ID CSCee08584

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.cisco.com/en/US/products/products_security_advisory09186a00803b3fff.shtml

Plugin Details

Severity: Medium

ID: 2548

File Name: 2548.prm

Family: Generic

Published: 2005/01/24

Modified: 2016/11/23

Dependencies: 1107

Nessus ID: 16217

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5

Temporal Score: 4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:W/RC:C

CVSSv3

Base Score: 5.3

Temporal Score: 4.7

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS3#E:U/RL:W/RC:C

Reference Information

CVE: CVE-2005-0186

BID: 12307

OSVDB: 13084