Cisco IOS NAT SCCP Fragmentation Support Denial of Service Vulnerability

Bugtraq ID:	38937
Class:	Unknown
CVE:	CVE-2010-0584
Remote:	Yes
Local:	No
Published:	Mar 24 2010 12:00AM
Updated:	Mar 24 2010 12:00AM
Credit:	Cisco
Vulnerable:	Cisco IOS 12.4YG Cisco IOS 12.4YE Cisco IOS 12.4YD Cisco IOS 12.4YB Cisco IOS 12.4YA Cisco IOS 12.4XZ Cisco IOS 12.4XY Cisco IOS 12.4XW Cisco IOS 12.4XV Cisco IOS 12.4XT Cisco IOS 12.4XR Cisco IOS 12.4XQ Cisco IOS 12.4XP Cisco IOS 12.4XN Cisco IOS 12.4XM Cisco IOS 12.4XL Cisco IOS 12.4XK Cisco IOS 12.4XJ Cisco IOS 12.4XG Cisco IOS 12.4XF Cisco IOS 12.4XE Cisco IOS 12.4XC Cisco IOS 12.4T Cisco IOS 12.4SW Cisco IOS 12.4MR Cisco IOS 12.4MDA Cisco IOS 12.4MD Cisco IOS 12.4GC
Not Vulnerable:	Cisco IOS 15.0M Cisco IOS 12.4(4)MR1 Cisco IOS 12.4(24)T2 Cisco IOS 12.4(22)YE2 Cisco IOS 12.4(22)XR3 Cisco IOS 12.4(22)T3 Cisco IOS 12.4(22)MDA2 Cisco IOS 12.4(20)T4 Cisco IOS 12.4(15)T10 Cisco IOS 12.4(11)MD10

Cisco IOS NAT SCCP Fragmentation Support Denial of Service Vulnerability

Cisco IOS is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause an affected device to reload, denying service to legitimate users.

This issue is being tracked by Cisco Bug ID CSCsy09250.http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsq24002

Cisco IOS NAT SCCP Fragmentation Support Denial of Service Vulnerability

To exploit this issue, attackers can use readily available network utilities.

Cisco IOS NAT SCCP Fragmentation Support Denial of Service Vulnerability

Solution:
Updates are available. Please see the references for details.