ISS X-Force Database: cisco-ios-rtp-dos(35905): Cisco IOS RTP denial of service

Cisco IOS RTP denial of service

cisco-ios-rtp-dos (35905)

Low Risk

Description:

Multiple Cisco devices running versions of Cisco IOS with the voice services enabled are vulnerable to a denial of service. By sending a specially-crafted RTP packet, a remote attacker could exploit this vulnerability to cause the device to crash.

Platforms Affected:

Cisco, IOS 12.0
Cisco, IOS 12.0T
Cisco, IOS 12.0WC
Cisco, IOS 12.0XA
Cisco, IOS 12.0XC
Cisco, IOS 12.0XD
Cisco, IOS 12.0XE
Cisco, IOS 12.0XF
Cisco, IOS 12.0XG
Cisco, IOS 12.0XH
Cisco, IOS 12.0XI
Cisco, IOS 12.0XK
Cisco, IOS 12.0XL
Cisco, IOS 12.0XM
Cisco, IOS 12.0XN
Cisco, IOS 12.0XQ
Cisco, IOS 12.0XR
Cisco, IOS 12.0XV
Cisco, IOS 12.1
Cisco, IOS 12.1AA
Cisco, IOS 12.1E
Cisco, IOS 12.1EA
Cisco, IOS 12.1EC
Cisco, IOS 12.1EX
Cisco, IOS 12.1EY
Cisco, IOS 12.1EZ
Cisco, IOS 12.1GA
Cisco, IOS 12.1GB
Cisco, IOS 12.1T
Cisco, IOS 12.1XA
Cisco, IOS 12.1XB
Cisco, IOS 12.1XC
Cisco, IOS 12.1XD
Cisco, IOS 12.1XE
Cisco, IOS 12.1XF
Cisco, IOS 12.1XG
Cisco, IOS 12.1XH
Cisco, IOS 12.1XI
Cisco, IOS 12.1XJ
Cisco, IOS 12.1XL
Cisco, IOS 12.1XM
Cisco, IOS 12.1XP
Cisco, IOS 12.1XQ
Cisco, IOS 12.1XR
Cisco, IOS 12.1XS
Cisco, IOS 12.1XT
Cisco, IOS 12.1XU
Cisco, IOS 12.1XV
Cisco, IOS 12.1XW
Cisco, IOS 12.1XY
Cisco, IOS 12.1XZ
Cisco, IOS 12.1YA
Cisco, IOS 12.1YB
Cisco, IOS 12.1YC
Cisco, IOS 12.1YD
Cisco, IOS 12.1YE
Cisco, IOS 12.1YF
Cisco, IOS 12.1YH
Cisco, IOS 12.1YI
Cisco, IOS 12.2
Cisco, IOS 12.2B
Cisco, IOS 12.2BW
Cisco, IOS 12.2BY
Cisco, IOS 12.2CZ
Cisco, IOS 12.2DD
Cisco, IOS 12.2DX
Cisco, IOS 12.2IXA
Cisco, IOS 12.2IXB
Cisco, IOS 12.2IXC
Cisco, IOS 12.2IXD
Cisco, IOS 12.2MC
Cisco, IOS 12.2S
Cisco, IOS 12.2SB
Cisco, IOS 12.2SBC
Cisco, IOS 12.2SRA
Cisco, IOS 12.2SRB
Cisco, IOS 12.2SU
Cisco, IOS 12.2SV
Cisco, IOS 12.2SVC
Cisco, IOS 12.2SW
Cisco, IOS 12.2SX
Cisco, IOS 12.2SXA
Cisco, IOS 12.2SXB
Cisco, IOS 12.2SXD
Cisco, IOS 12.2SXE
Cisco, IOS 12.2SXF
Cisco, IOS 12.2SZ
Cisco, IOS 12.2T
Cisco, IOS 12.2TPC
Cisco, IOS 12.2VZ
Cisco, IOS 12.2XA
Cisco, IOS 12.2XB
Cisco, IOS 12.2XC
Cisco, IOS 12.2XD
Cisco, IOS 12.2XE
Cisco, IOS 12.2XG
Cisco, IOS 12.2XH
Cisco, IOS 12.2XI
Cisco, IOS 12.2XJ
Cisco, IOS 12.2XK
Cisco, IOS 12.2XL
Cisco, IOS 12.2XM
Cisco, IOS 12.2XN
Cisco, IOS 12.2XQ
Cisco, IOS 12.2XS
Cisco, IOS 12.2XT
Cisco, IOS 12.2XU
Cisco, IOS 12.2XV
Cisco, IOS 12.2XW
Cisco, IOS 12.2YA
Cisco, IOS 12.2YB
Cisco, IOS 12.2YC
Cisco, IOS 12.2YD
Cisco, IOS 12.2YE
Cisco, IOS 12.2YF
Cisco, IOS 12.2YG
Cisco, IOS 12.2YH
Cisco, IOS 12.2YJ
Cisco, IOS 12.2YK
Cisco, IOS 12.2YL
Cisco, IOS 12.2YM
Cisco, IOS 12.2YN
Cisco, IOS 12.2YP
Cisco, IOS 12.2YQ
Cisco, IOS 12.2YR
Cisco, IOS 12.2YS
Cisco, IOS 12.2YT
Cisco, IOS 12.2YU
Cisco, IOS 12.2YV
Cisco, IOS 12.2YW
Cisco, IOS 12.2YX
Cisco, IOS 12.2YY
Cisco, IOS 12.2YZ
Cisco, IOS 12.2ZB
Cisco, IOS 12.2ZC
Cisco, IOS 12.2ZD
Cisco, IOS 12.2ZE
Cisco, IOS 12.2ZF
Cisco, IOS 12.2ZG
Cisco, IOS 12.2ZH
Cisco, IOS 12.2ZJ
Cisco, IOS 12.2ZL
Cisco, IOS 12.2ZP
Cisco, IOS 12.2ZR
Cisco, IOS 12.2ZU
Cisco, IOS 12.2ZW
Cisco, IOS 12.2ZY
Cisco, IOS 12.3
Cisco, IOS 12.3B
Cisco, IOS 12.3T
Cisco, IOS 12.3TPC
Cisco, IOS 12.3XA
Cisco, IOS 12.3XB
Cisco, IOS 12.3XC
Cisco, IOS 12.3XD
Cisco, IOS 12.3XE
Cisco, IOS 12.3XF
Cisco, IOS 12.3XG
Cisco, IOS 12.3XH
Cisco, IOS 12.3XI
Cisco, IOS 12.3XJ
Cisco, IOS 12.3XK
Cisco, IOS 12.3XQ
Cisco, IOS 12.3XR
Cisco, IOS 12.3XS
Cisco, IOS 12.3XU
Cisco, IOS 12.3XW
Cisco, IOS 12.3XY
Cisco, IOS 12.3YA
Cisco, IOS 12.3YD
Cisco, IOS 12.3YF
Cisco, IOS 12.3YG
Cisco, IOS 12.3YH
Cisco, IOS 12.3YI
Cisco, IOS 12.3YK
Cisco, IOS 12.3YM
Cisco, IOS 12.3YQ
Cisco, IOS 12.3YS
Cisco, IOS 12.3YT
Cisco, IOS 12.3YU
Cisco, IOS 12.3YX
Cisco, IOS 12.3YZ
Cisco, IOS 12.4
Cisco, IOS 12.4MR
Cisco, IOS 12.4T
Cisco, IOS 12.4XA
Cisco, IOS 12.4XB
Cisco, IOS 12.4XC
Cisco, IOS 12.4XD
Cisco, IOS 12.4XE
Cisco, IOS 12.4XJ
Cisco, IOS 12.4XT
Cisco, IOS 12.4XV
Cisco, IOS 12.4XW

Remedy:

Refer to cisco-sa-20070808-IOS-voice for upgrade or suggested workaround information. See References.

Consequences:

Denial of Service

References:

cisco-sa-20070808-IOS-voice, Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager at http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml.
BID-25239: Cisco IOS and Unified Communications Manager Multiple Voice Vulnerabilities
CVE-2007-4291: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption.
FrSIRT/ADV-2007-2816: Cisco IOS and UCM Remote Code Execution and Denial of Service Vulnerabilities
SA26363: Cisco IOS Voice Service Multiple Protocol Handling Vulnerabilities
SECTRACK ID: 1018533: Cisco IOS Bugs in Voice Services Let Remote Users Deny Service or Potentially Execute Arbitrary Code

Reported:

Aug 08, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page