OSVDB ID: 19004

Title: Cisco Multiple Products Unspecified Compressed DNS Message DoS (2)

Info

Disclosure
May 24, 2005

Discovery
Unknown

Dates

Exploit
Unknown

Solution
Unknown

Description

 Various Cisco products contain a flaw that may allow a remote denial of service. The issue is triggered when the devices receive a DNS packet containing crafted compressed data that causes errors in decompression, and will result in loss of availability for the service or device.

Classification

 Location: Remote/Network Access Required
Attack Type: Denial of Service
Impact: Loss of Availability
Exploit: Exploit Unavailable
Disclosure: OSVDB Verified

Solution

 Upgrade to the product versions listed in the Cicso advisory or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Cisco Systems, Inc.

ACNS devices

 4.x
5.0.x
5.3.2
5.3.1
5.3.0
5.2
5.2.1
5.2.2
5.2.3
5.2.4
5.2.5
5.2.6
5.1
5.1.1
5.1.2
5.1.3
5.1.4
5.1.5
5.1.6
5.1.7
5.1.8
5.1.9
5.1.10
5.1.11
5.1.12
5.1.13
5.1.14

SESM

 3.2(1)
3.2(2)
3.3(1)

7902 IP Phone

 SCCP 5.x
SCCP 4.x
SCCP 3.x
SCCP 2.x
SCCP 1.x
SCCP 6.0
SCCP 6.1.0
SIP 1.3.0
SIP 1.2.x
SIP 1.1.x
SIP 1.0.x
H323 1.0.1
H323 1.0.0

7905 IP Phone

 SIP 1.0.x
SIP 1.1.x
SIP 1.2.x
SIP 1.3.0
H323 1.0.1
H323 1.0.0
SCCP 6.1.0
SCCP 6.0.x
SCCP 5.x
SCCP 4.x
SCCP 3.x
SCCP 2.x
SCCP 1.x

7912 IP Phone

 SCCP 6.1.0
SCCP 6.0.x
SCCP 5.x
SCCP 4.x
SCCP 3.x
SCCP 2.x
SCCP 1.x
H323 1.0.1
H323 1.0.0
SIP 1.3.0
SIP 1.2.x
SIP 1.1.x
SIP 1.0.x

Unity Express

 2.1.2
2.1.1
2.1.0
1.x

ATA 186/188

 SCCP 3.2.0
SCCP 3.1.x
SCCP 3.0.x
SCCP 2.x
SCCP 1.x
SIP 3.2.0
SIP 3.1.x
SIP 3.0.x
SIP 2.x
SIP 1.x
H323 3.1.2
H323 3.1.1
H323 3.1.0
H323 3.0.x
H323 2.x
H323 1.x
MGCP 3.1.1
MGCP 3.1.0
MGCP 3.0.x
MGCP 2.x
MGCP 1.x

References

Credit
  • Dr. Steve Beaty - beatysBrand New Doo Doomscd.edu - Metropolitan State College of Denver


Direct URL: http://osvdb.org/36218