Cisco 7940/7960 Phone SIP Invite Remote Denial of Service Vulnerability

Bugtraq ID:	23047
Class:	Failure to Handle Exceptional Conditions
CVE:
Remote:	Yes
Local:	No
Published:	Mar 20 2007 12:00AM
Updated:	Mar 21 2007 02:53PM
Credit:	Humberto J. Abdelnur is credited with the discovery of this vulnerability.
Vulnerable:	Cisco VoIP Phone CP-7960 3.2 Cisco VoIP Phone CP-7960 3.1 Cisco VoIP Phone CP-7960 3.0 Cisco VoIP Phone CP-7940 3.2 Cisco VoIP Phone CP-7940 3.1 Cisco VoIP Phone CP-7940 3.0
Not Vulnerable:	Cisco VoIP Phone CP-7960 8.6(0) Cisco VoIP Phone CP-7940 8.6(0)

Cisco 7940/7960 Phone SIP Invite Remote Denial of Service Vulnerability

Cisco 7940/7960 phones are prone to a remote denial-of-service vulnerability.

Exploiting this issue allows remote attackers to cause the device to reboot, effectively denying service to legitimate users.

Cisco 7940/7960 Phone SIP Invite Remote Denial of Service Vulnerability

The following proof of concept is available.

• /data/vulnerabilities/exploits/cisco_7940_sip_dos_poc.pl

Cisco 7940/7960 Phone SIP Invite Remote Denial of Service Vulnerability

Solution:
Cisco 7940/7960 firmware 8.6(0) addresses this issue; please contact the vendor for information on how to obtain fixes and upgrades.

Users of affected packages with valid login credentials may obtain fixes from the following URI:

http://www.cisco.com/cgi-bin/tablebuild.pl/ip-7900ser

Cisco 7940/7960 Phone SIP Invite Remote Denial of Service Vulnerability

References: