CVE-2010-0580

Severity

99%

Complexity

99%

Confidentiality

165%

Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."

Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."

CVSS 2.0 Base Score 9.9. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C).

Overview

Type

Cisco IOS

First reported 14 years ago

2010-03-25 21:00:00

Last updated 14 years ago

2010-04-13 05:43:00

Affected Software

Cisco IOS 12.3JK

12.3jk

Cisco IOS 12.3T

12.3t

Cisco IOS 12.3XD

12.3xd

Cisco IOS 12.3XF

12.3xf

Cisco IOS 12.3XG

12.3xg

Cisco IOS 12.3XI

12.3xi

Cisco IOS 12.3XJ

12.3xj

Cisco IOS 12.3XK

12.3xk

Cisco IOS 12.3XL

12.3xl

Cisco IOS 12.3XQ

12.3xq

Cisco IOS 12.3XR

12.3xr

Cisco IOS 12.3XU

12.3xu

Cisco IOS 12.3XW

12.3xw

Cisco IOS 12.3XX

12.3xx

Cisco IOS 12.3XY

12.3xy

Cisco IOS 12.3YF

12.3yf

Cisco IOS 12.3YG

12.3yg

Cisco IOS 12.3YK

12.3yk

Cisco IOS 12.3YM

12.3ym

Cisco IOS 12.3YQ

12.3yq

Cisco IOS 12.3YS

12.3ys

Cisco IOS 12.3YT

12.3yt

Cisco IOS 12.3YU

12.3yu

Cisco IOS 12.3YX

12.3yx

Cisco IOS 12.3YZ

12.3yz

Cisco IOS 12.3ZA

12.3za

Cisco IOS 12.4

12.4

Cisco IOS 12.4GC

12.4gc

Cisco IOS 12.4 MD

12.4md

Cisco IOS 12.4 MDA

12.4mda

Cisco IOS 12.4MR

12.4mr

Cisco IOS 12.4T

12.4t

Cisco IOS 12.4XA

12.4xa

Cisco IOS 12.4XB

12.4xb

Cisco IOS 12.4XD

12.4xd

Cisco IOS 12.4XP

12.4xp

Cisco IOS 12.4XR

12.4xr

Cisco IOS 12.4XT

12.4xt

Cisco IOS 12.4YA

12.4ya

Cisco IOS 12.4YB

12.4yb

Cisco IOS 12.4YD

12.4yd

Cisco IOS 12.4YE

12.4ye

Cisco IOS 12.4YG

12.4yg

References

39068

1023744

http://tools.cisco.com/security/center/viewAlert.x?alertId=20064

Patch, Vendor Advisory

20100324 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

Patch, Vendor Advisory

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.