RETIRED: Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
BID:40110
Info
RETIRED: Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
| Bugtraq ID: | 40110 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | May 12 2010 12:00AM |
| Updated: | May 12 2010 09:22PM |
| Credit: | Cisco |
| Vulnerable: |
Cisco PGW2200 Softswitch 9.7(3) Cisco PGW2200 Softswitch |
| Not Vulnerable: |
Cisco PGW2200 Softswitch 9.8(1)S5 Cisco PGW2200 Softswitch 9.7(3)S11 |
Discussion
RETIRED: Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
Cisco PGW 2200 Softswitch products are prone to multiple remote denial-of-service vulnerabilities
An attacker can exploit these issues to trigger an affected device to crash, or to prevent new connections.
These issues are tracked in Cisco BugIDs: CSCsl39126, CSCsk32606, CSCsk40030, CSCsk38165, CSCsk44115, CSCsj98521, CSCsk04588, CSCsz1359, and CSCsk13561.
This BID is being retired because the following individual records exist to better document these issues:
40117 Cisco PGW 2200 Softswitch MGCP Packets Denial of Service Vulnerability
40120 Cisco PGW 2200 Softswitch SIP Packet Handling Denial of Service Vulnerability
40121 Cisco PGW 2200 Softswitch Session Attribute Denial of Service Vulnerability
40122 Cisco PGW 2200 Softswitch SIP Testing Denial of Service Vulnerability
40123 Cisco PGW 2200 Softswitch Long Message Handling Denial of Service Vulnerability
40124 Cisco PGW 2200 Softswitch Malformed Contact Header Denial of Service Vulnerability
40125 Cisco PGW 2200 Softswitch Malformed Header Denial of Service Vulnerability
40126 Cisco PGW 2200 Softswitch Malformed SIP Header Denial of Service Vulnerability
40128 Cisco PGW 2200 Softswitch TCP Exhaustion Denial of Service Vulnerability
Cisco PGW 2200 Softswitch products are prone to multiple remote denial-of-service vulnerabilities
An attacker can exploit these issues to trigger an affected device to crash, or to prevent new connections.
These issues are tracked in Cisco BugIDs: CSCsl39126, CSCsk32606, CSCsk40030, CSCsk38165, CSCsk44115, CSCsj98521, CSCsk04588, CSCsz1359, and CSCsk13561.
This BID is being retired because the following individual records exist to better document these issues:
40117 Cisco PGW 2200 Softswitch MGCP Packets Denial of Service Vulnerability
40120 Cisco PGW 2200 Softswitch SIP Packet Handling Denial of Service Vulnerability
40121 Cisco PGW 2200 Softswitch Session Attribute Denial of Service Vulnerability
40122 Cisco PGW 2200 Softswitch SIP Testing Denial of Service Vulnerability
40123 Cisco PGW 2200 Softswitch Long Message Handling Denial of Service Vulnerability
40124 Cisco PGW 2200 Softswitch Malformed Contact Header Denial of Service Vulnerability
40125 Cisco PGW 2200 Softswitch Malformed Header Denial of Service Vulnerability
40126 Cisco PGW 2200 Softswitch Malformed SIP Header Denial of Service Vulnerability
40128 Cisco PGW 2200 Softswitch TCP Exhaustion Denial of Service Vulnerability
Exploit / POC
RETIRED: Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
Attackers can use readily available network utilities to exploit these issues.
Attackers can use readily available network utilities to exploit these issues.
Solution / Fix
RETIRED: Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
Solution:
Vendor updates are available. Please see the referenced advisory for further information.
Solution:
Vendor updates are available. Please see the referenced advisory for further information.
References
RETIRED: Cisco PGW 2200 Softswitch Multiple Denial of Service Vulnerabilities
References:
References:
- Cisco Homepage (Cisco )
- Cisco Security Advisory: Multiple vulnerabilities in Cisco PGW Softswitch (Cisco Systems Product Security Incident Response Team
) - Multiple vulnerabilities in Cisco PGW Softswitch (Cisco)