[VOIPSEC] Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities
Victor Pascual Avila
victor.pascual.avila at gmail.com
Thu Mar 25 05:17:15 CDT 2010
FYI: http://www.cisco.com/warp/public/707/cisco-sa-20100324-sip.shtml
"Successful exploitation of the vulnerabilities in this advisory may
result in a reload of the device. Repeated exploitation could result
in a sustained denial of service condition. There is a potential to
execute arbitrary code. In the event of successful remote code
execution, device integrity could be completely compromised."
"For devices that do not require SIP to be enabled, the simplest and
most effective workaround is to disable SIP processing on the device"
--
Victor Pascual Ávila
More information about the Voipsec
mailing list