Details of VAR-E-200809-0948

ID

VAR-E-200809-0948

CVE

cve_id:	CVE-2008-3801	Trust: 0.6
cve_id:	CVE-2008-3800	Trust: 0.6
cve_id:	CVE-2008-3802	Trust: 0.3
cve_id:	CVE-2008-3799	Trust: 0.3

sources: BID: 31361 // BID: 31367

TITLE

Cisco IOS SIP Multiple Denial of Service Vulnerabilities

Trust: 0.3

sources: BID: 31361

DESCRIPTION

Devices running Cisco IOS with SIP enabled are prone to multiple denial-of-service vulnerabilities.
These issues are tracked by the following Cisco bug IDs and CVEs:
CSCse56800 (CVE-2008-3799)
CSCsg91306 (CVE-2008-3800)
CSCsl62609 (CVE-2008-3801)
CSCsk42759 (CVE-2008-3802)
An attacker can exploit these issues to deny service to legitimate users.

Trust: 0.3

sources: BID: 31361

AFFECTED PRODUCTS

vendor:	cisco	model:	unified communications manager 5.1	scope:	-	version:	-	Trust: 1.2
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	5.0	Trust: 0.9
vendor:	cisco	model:	ios 12.4	scope:	ne	version:	-	Trust: 0.6
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.0	Trust: 0.6
vendor:	cisco	model:	unified callmanager 4.1 sr5	scope:	-	version:	-	Trust: 0.6
vendor:	cisco	model:	unified communications manager su1	scope:	ne	version:	6.1	Trust: 0.6
vendor:	cisco	model:	ios 12.4xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.4xv	Trust: 0.3
vendor:	cisco	model:	ios 12.4xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4mr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.4	Trust: 0.3
vendor:	cisco	model:	ios 12.3za	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ys	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3yg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3ye	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xx	Trust: 0.3
vendor:	cisco	model:	ios 12.3xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3xv	Trust: 0.3
vendor:	cisco	model:	ios 12.3xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xr	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xq	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xk	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xi	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xg	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xe	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3xa	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3va	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3tpc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	eq	version:	12.3	Trust: 0.3
vendor:	cisco	model:	ios 12.2zp	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ze	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2zb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yy	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yv	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yn	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ym	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yl	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yj	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yh	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yf	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yd	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2yb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2ya	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xw	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xu	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xt	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xm	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2xb	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2tpc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2t	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2mc	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2cz	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2by	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2bx	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2b	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 t11	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 xd11	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 t	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 xb10	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 mr	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios	scope:	ne	version:	12.4(18)	Trust: 0.3
vendor:	cisco	model:	ios 12.4 xy3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 xl2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 t4	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.4 xw7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yg7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 xa7	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yx12	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 ym13	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yz3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.3 yk3	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 sb2	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 mc2c	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	ios 12.2 yv1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(2)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 6.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.1	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	6.0(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	5.1(3)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	5.1(2)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	5.1(1)	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	5.0	Trust: 0.3
vendor:	cisco	model:	unified communications manager 4.3 sr1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	4.3(2)	Trust: 0.3
vendor:	cisco	model:	unified communications manager 4.3 sr.1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	eq	version:	4.3	Trust: 0.3
vendor:	cisco	model:	unified communications manager 4.2 sr2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager sr4	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	unified communications manager sr3	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	unified communications manager sr2b	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	6.0	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	unified callmanager 5.0 su1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	5.0(4)	Trust: 0.3
vendor:	cisco	model:	unified callmanager 5.0	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	5.0(3)	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	5.0(2)	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	5.0(1)	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.3 sr1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.2 sr2	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.2 sr1	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	4.2	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.1 sr7	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.1 sr4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager sr5c	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	unified callmanager sr5b	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	unified callmanager	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager sr2	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager sr1	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es32	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es24	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es07	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es55	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es50	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager es33	scope:	eq	version:	4.1	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	5.1	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	4.3(1)	Trust: 0.3
vendor:	cisco	model:	call manager	scope:	eq	version:	4.2(3)	Trust: 0.3
vendor:	cisco	model:	call manager 4.1 sr4	scope:	-	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager 5.1	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified communications manager	scope:	ne	version:	5.1	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.3 sr1b	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.3 sr1a	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.2 sr4b	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.1 sr8a	scope:	ne	version:	-	Trust: 0.3
vendor:	cisco	model:	unified callmanager 4.1 sr8	scope:	ne	version:	-	Trust: 0.3

sources: BID: 31361 // BID: 31367

EXPLOIT

To exploit these issues, attackers use readily available utilities for generating SIP messages.

Trust: 0.3

sources: BID: 31361

PRICE

Free

Trust: 0.3

sources: BID: 31361

TYPE

Unknown

Trust: 0.6

sources: BID: 31361 // BID: 31367

CREDITS

The vendor disclosed these vulnerabilities.

Trust: 0.3

sources: BID: 31361

EXTERNAL IDS

db:	NVD	id:	CVE-2008-3801	Trust: 0.6
db:	NVD	id:	CVE-2008-3800	Trust: 0.6
db:	NVD	id:	CVE-2008-3802	Trust: 0.3
db:	NVD	id:	CVE-2008-3799	Trust: 0.3
db:	BID	id:	31361	Trust: 0.3
db:	BID	id:	31367	Trust: 0.3

sources: BID: 31361 // BID: 31367

REFERENCES

url:	http://www.cisco.com/en/us/products/products_security_advisory09186a0080a01562.shtml	Trust: 0.3
url:	http://www.cisco.com/public/sw-center/sw-ios.shtml	Trust: 0.3
url:	http://www.cisco.com/warp/public/707/cisco-sa-20080924-cucm.shtml	Trust: 0.3
url:	http://www.cisco.com/	Trust: 0.3

sources: BID: 31361 // BID: 31367

SOURCES

db:	BID	id:	31361
db:	BID	id:	31367

LAST UPDATE DATE

2022-07-27T10:04:07.862000+00:00

SOURCES UPDATE DATE

db:	BID	id:	31361	date:	2008-09-24T22:29:00
db:	BID	id:	31367	date:	2009-04-09T19:06:00

SOURCES RELEASE DATE

db:	BID	id:	31361	date:	2008-09-24T00:00:00
db:	BID	id:	31367	date:	2008-09-24T00:00:00