CVE-2003-1109 Information
Description
The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960 IOS versions in the 12.2 train and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages as demonstrated by the OUSPG PROTOS c07-sip test suite.
Reference
http://www.cert.org/advisories/CA-2003-06.html http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ http://www.kb.cert.org/vuls/id/528719 http://www.securityfocus.com/bid/6904 http://www.securitytracker.com/id?1006143 http://www.securitytracker.com/id?1006144 http://www.securitytracker.com/id?1006145 https://exchange.xforce.ibmcloud.com/vulnerabilities/11379
Share on: