Detections
Analytics

Cisco IOS Telephony SCCP Control DoS (CSCee08584)

medium Nessus Network Monitor Plugin ID 2548

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote router contains a version of IOS that has flaw in its telephony
service.

If the remote router is configured for ITS, CME or SRST, then an attacker

may send malformed TCP queries to the remote host resulting in a reboot

of the router.
CISCO identifies this vulnerability as Bug ID CSCee08584

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.cisco.com/en/US/products/products_security_advisory09186a00803b3fff.shtml

Plugin Details

Severity: Medium

ID: 2548

Family: Generic

Published: 1/24/2005

Updated: 3/6/2019

Nessus ID: 16217

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.7

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:U/RL:W/RC:C

Vulnerability Information

CPE: cpe:/o:cisco:ios

Reference Information

CVE: CVE-2005-0186

BID: 12307