Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution Vulnerability
BID:38933
Info
Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution Vulnerability
| Bugtraq ID: | 38933 |
| Class: | Design Error |
| CVE: |
CVE-2010-0581 |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 24 2010 12:00AM |
| Updated: | Mar 30 2010 04:52PM |
| Credit: | Cisco |
| Vulnerable: |
Cisco IOS 12.4YG Cisco IOS 12.4YE Cisco IOS 12.4YB Cisco IOS 12.4YA Cisco IOS 12.4XT Cisco IOS 12.4XR Cisco IOS 12.4XP Cisco IOS 12.4XD Cisco IOS 12.4XB Cisco IOS 12.4XA Cisco IOS 12.4T Cisco IOS 12.4SW Cisco IOS 12.4MR Cisco IOS 12.4MD Cisco IOS 12.4GC Cisco IOS 12.4 Cisco IOS 12.3ZA Cisco IOS 12.3YZ Cisco IOS 12.3YX Cisco IOS 12.3YU Cisco IOS 12.3YT Cisco IOS 12.3YS Cisco IOS 12.3YQ Cisco IOS 12.3YM Cisco IOS 12.3YK Cisco IOS 12.3YG Cisco IOS 12.3YF Cisco IOS 12.3XY Cisco IOS 12.3XX Cisco IOS 12.3XW Cisco IOS 12.3XU Cisco IOS 12.3XR Cisco IOS 12.3XQ Cisco IOS 12.3XL Cisco IOS 12.3XK Cisco IOS 12.3XJ Cisco IOS 12.3XI Cisco IOS 12.3XG Cisco IOS 12.3XF Cisco IOS 12.3XD Cisco IOS 12.3T Cisco IOS 12.3JK |
| Not Vulnerable: |
Cisco IOS 15.0M Cisco IOS 15.0(1)M1 Cisco IOS 12.4XN Cisco IOS 12.4(9)MR Cisco IOS 12.4(25c) Cisco IOS 12.4(24)YE Cisco IOS 12.4(24)T3 Cisco IOS 12.4(24)T2 Cisco IOS 12.4(24)MD Cisco IOS 12.4(22)YE2 Cisco IOS 12.4(22)YB5 Cisco IOS 12.4(22)XR3 Cisco IOS 12.4(22)T3 Cisco IOS 12.4(22)MDA2 Cisco IOS 12.3(11)YK3 |
Discussion
Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution Vulnerability
Cisco IOS is prone to a remote code-execution service vulnerability.
The attacker can exploit this issue to execute arbitrary code with elevated privileges on affected devices. Successful exploits will completely compromise an affected device.
This issue is tracked by Cisco Bug ID CSCsz89904.
Cisco IOS is prone to a remote code-execution service vulnerability.
The attacker can exploit this issue to execute arbitrary code with elevated privileges on affected devices. Successful exploits will completely compromise an affected device.
This issue is tracked by Cisco Bug ID CSCsz89904.
Solution / Fix
Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution Vulnerability
Solution:
The vendor has released updates. Please see the referenced advisory for details.
Solution:
The vendor has released updates. Please see the referenced advisory for details.
References
Cisco IOS SIP Message (CVE-2010-0581) Remote Code Execution Vulnerability
References:
References:
- Cisco IOS Homepage (Cisco Systems)
- Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial o (Cisco)