Cisco is warning customers about multiple vulnerabilities in its
Cisco Internework Operating System (IOS) and IOS secure copy server
as well as its Unified Communications Manager, which could be
exploited remotely by an attacker to conduct a denial of service or
execute arbitrary code.
Cisco said multiple vulnerabilities occur in its IOS and Unified
Communications Manager when handling malformed
Session Initiation Protocol (SIP) packets. SIP is a standard
protocol for initiating an interactive user session that involves
multimedia elements such as video, voice, chat, gaming, and virtual
reality.
Cisco said the router can be crashed by a malformed SIP message.
A memory leak and memory corruption also can occur when processing
a malformed SIP message,
Cisco said in its advisory. Cisco IOS versions 12.0 through
12.4 are vulnerable and Cisco Unified Communications Manager
versions 5.1 through 6.0 are vulnerable. Patches are being
released.
In addition the
IOS is prone to a remote buffer-overflow vulnerability because
it fails to perform adequate boundary checks on user supplied data.
Also, Cisco said its
IOS secure copy server is prone to a remote security-bypass
vulnerability.
Danish vulnerability clearinghouse Secunia rated the flaws
"moderately critical." Symantec's DeepSight Threat Management
System said Cisco customers can block external access at the
network boundary, unless external parties require service until the
software is updated.
"If global access isn't needed, filter access to the affected
device at the network boundary," Symantec said in its advisory.
"Restricting access to only trusted computers and networks might
greatly reduce the likelihood of exploitation."