Cisco IOS Skinny Call Control Protocol Handler Remote Denial Of Service Vulnerability
BID:12307
Info
Cisco IOS Skinny Call Control Protocol Handler Remote Denial Of Service Vulnerability
| Bugtraq ID: | 12307 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 19 2005 12:00AM |
| Updated: | Jan 19 2005 12:00AM |
| Credit: | Discovery of this vulnerability is credited to SecureTest. |
| Vulnerable: |
Cisco IOS 12.3XQ Cisco IOS 12.3XN Cisco IOS 12.3XL Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS 12.3XI Cisco IOS 12.3XH Cisco IOS 12.3XG Cisco IOS 12.3XF Cisco IOS 12.3XE Cisco IOS 12.3XD Cisco IOS 12.3XC Cisco IOS 12.3XB Cisco IOS 12.3XA Cisco IOS 12.3T Cisco IOS 12.3 Cisco IOS 12.2ZP Cisco IOS 12.2ZO Cisco IOS 12.2ZK Cisco IOS 12.2ZJ Cisco IOS 12.2YS Cisco IOS 12.2YR Cisco IOS 12.2YQ Cisco IOS 12.2YN Cisco IOS 12.2YM Cisco IOS 12.2YL Cisco IOS 12.2YJ Cisco IOS 12.2YH Cisco IOS 12.2YG Cisco IOS 12.2YF Cisco IOS 12.2YD Cisco IOS 12.2YC Cisco IOS 12.2YB Cisco IOS 12.2YA Cisco IOS 12.2XZ Cisco IOS 12.2XW Cisco IOS 12.2XU Cisco IOS 12.2XT Cisco IOS 12.2XM Cisco IOS 12.2XG Cisco IOS 12.2XB Cisco IOS 12.2T Cisco IOS 12.2JK Cisco IOS 12.2CZ Cisco IOS 12.2BC Cisco IOS 12.2B Cisco IOS 12.1YI Cisco IOS 12.1YE Cisco IOS 12.1YD |
| Not Vulnerable: | |
Discussion
Cisco IOS Skinny Call Control Protocol Handler Remote Denial Of Service Vulnerability
Cisco IOS when configured for Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME), or Survivable Remote Site Telephony (SRST) services is reported prone to a remote denial of service vulnerability.
The issue is reported to exist in the Skinny Call Control Protocol (SCCP) handler.
A remote attacker may exploit this vulnerability continuously to effectively deny network-based services to legitimate users.
Cisco IOS when configured for Cisco IOS Telephony Service (ITS), Cisco CallManager Express (CME), or Survivable Remote Site Telephony (SRST) services is reported prone to a remote denial of service vulnerability.
The issue is reported to exist in the Skinny Call Control Protocol (SCCP) handler.
A remote attacker may exploit this vulnerability continuously to effectively deny network-based services to legitimate users.
Exploit / POC
Cisco IOS Skinny Call Control Protocol Handler Remote Denial Of Service Vulnerability
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Cisco IOS Skinny Call Control Protocol Handler Remote Denial Of Service Vulnerability
Solution:
The vendor has released an updated advisory (cisco-sa-20050119-itscme revision 1.1) and additional updates to address this vulnerability. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.
Solution:
The vendor has released an updated advisory (cisco-sa-20050119-itscme revision 1.1) and additional updates to address this vulnerability. Customers are advised to peruse the referenced advisory for further information regarding obtaining and applying appropriate updates.
References
Cisco IOS Skinny Call Control Protocol Handler Remote Denial Of Service Vulnerability
References:
References: