CVE-2007-0648 Information

Description

Cisco IOS after 12.3(14)T 12.3(8)YC1 12.3(8)YG and 12.4 with voice support and without Session Initiated Protocol (SIP) configured allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP.

Reference

http://secunia.com/advisories/23978 http://securitytracker.com/id?1017575 http://www.cisco.com/warp/public/707/cisco-air-20070131-sip.shtml http://www.cisco.com/warp/public/707/cisco-sa-20070131-sip.shtml http://www.kb.cert.org/vuls/id/438176 http://www.securityfocus.com/bid/22330 http://www.vupen.com/english/advisories/2007/0428 https://exchange.xforce.ibmcloud.com/vulnerabilities/31990 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5138