Vulnerability CVE-2007-0961
Published: 2007-02-15   Modified: 2012-02-12

Description:
Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets.

Type:

CWE-Other

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.8/10
6.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete
Affected software
Cisco -> Asa 5500 
Cisco -> Pix firewall 
Cisco -> Pix firewall software 

 References:
http://securitytracker.com/id?1017651
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml
http://www.kb.cert.org/vuls/id/430969
http://www.securityfocus.com/bid/22561
http://www.securityfocus.com/bid/22562
http://www.securitytracker.com/id?1017652
http://www.vupen.com/english/advisories/2007/0608
https://exchange.xforce.ibmcloud.com/vulnerabilities/32487
https://exchange.xforce.ibmcloud.com/vulnerabilities/32501
Copyright 2024, cxsecurity.com

 

Back to Top