Cisco IOS Zone-Based Policy Firewall SIP CVE-2013-1145 Memory Leak Denial of Service Vulnerability

Bugtraq ID:	58741
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2013-1145
Remote:	Yes
Local:	No
Published:	Mar 27 2013 12:00AM
Updated:	Mar 27 2013 12:00AM
Credit:	csico
Vulnerable:	Cisco IOS 12.0.19 Cisco IOS 12.0.7 Cisco IOS 12.0.6 Cisco IOS 12.0.5 Cisco IOS 12.0.4 Cisco IOS 12.0.3 Cisco IOS 12.0.2 Cisco IOS 12.0.1 Cisco IOS 11.3.1 Cisco IOS 11.2.8 Cisco IOS 11.2.4 Cisco IOS 11.1.16 Cisco IOS 11.1.15 Cisco IOS 11.1.13 Cisco IOS 11.1.7 Cisco IOS 11.0.20 .3 Cisco IOS 11.0.17 Cisco IOS 11.0.12 Cisco IOS 10.3.16 Cisco IOS 10.3.4 .3 Cisco IOS 10.3.4 .2 Cisco IOS 10.3.3 .4 Cisco IOS 10.3.3 .3 Cisco IOS 10.0 Cisco IOS 1.0 Cisco IOS 15.0(1)M1 Cisco IOS 11.3 Cisco IOS 11.1 Cisco IOS 11.0 Cisco IOS 10.3
Not Vulnerable:

Cisco IOS Zone-Based Policy Firewall SIP CVE-2013-1145 Memory Leak Denial of Service Vulnerability

Cisco IOS is prone to a remote denial-of-service vulnerability.

An attacker can exploit this issue to cause an affected device to reload or become unresponsive, denying service to legitimate users.

This issue is being tracked by Cisco Bug ID CSCtl99174.

Cisco IOS Zone-Based Policy Firewall SIP CVE-2013-1145 Memory Leak Denial of Service Vulnerability

Currently, we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Cisco IOS Zone-Based Policy Firewall SIP CVE-2013-1145 Memory Leak Denial of Service Vulnerability

Solution:
Updates are available. Please see the references or vendor advisory for more information.

Cisco IOS Zone-Based Policy Firewall SIP CVE-2013-1145 Memory Leak Denial of Service Vulnerability

References:

• Cisco Homepage (Cisco )
  
• Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol DOS (Cisco)