Cisco IOS NAT功能SIP远程拒绝服务漏洞

发布日期:2012-03-28
更新日期:2012-03-29

受影响系统:
Cisco IOS 15.x
Cisco IOS 12.x
不受影响系统:
Cisco IOS 15.1S
Cisco IOS 15.1MR
Cisco IOS 15.1M
Cisco IOS 15.1GC
Cisco IOS 15.1EY
Cisco IOS 15.1(3)T3
Cisco IOS 15.0XO
Cisco IOS 15.0XA
Cisco IOS 15.0SY
Cisco IOS 15.0SE
Cisco IOS 15.0SA
Cisco IOS 15.0MRA
Cisco IOS 15.0MR
描述:
--------------------------------------------------------------------------------
BUGTRAQ  ID: 52758
CVE ID: CVE-2012-0383

Cisco的网际操作系统(IOS)是一个为网际互连优化的复杂操作系统。

Cisco IOS软件网络地址转换功能在转换SIP报文时存在拒绝服务漏洞,当受影响设备上的报文传输要求在SIP负载上转换时会触发此漏洞,造成内存资源耗尽,导致拒绝服务。

<*来源:Cisco
 
  链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat
*>

建议:
--------------------------------------------------------------------------------
厂商补丁:

Cisco
-----
Cisco已经为此发布了一个安全公告(cisco-sa-20120328-nat)以及相应补丁:

cisco-sa-20120328-nat:Cisco IOS Software Network Address Translation Vulnerability

链接:http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120328-nat

相关推荐