受影响系统:
Cisco IOS 12.4
Cisco IOS 12.3
Cisco IOS 12.2
Cisco IOS 12.1
Cisco IOS 12.0
Cisco Unified Communications Manager 6.0
Cisco Unified Communications Manager 5.1
Cisco Unified Communications Manager 5.0
描述:
Cisco IOS是Cisco网络设备中所使用的操作系统。
Cisco IOS在处理各类协议报文时存在漏洞,远程攻击者可能利用这些漏洞导致设备不可用。
假如向运行Cisco IOS或Cisco Unified Communications Manager的网络设备发送了畸形的SIP报文的话,就可能导致拒绝服务或执行任意代码;此外假如运行Cisco IOS的网络设备接收到了畸形的MGCP报文、H.323报文、RTP报文,或在接收传真时收到了很大的报文,都可能导致服务崩溃或路由器挂起。
厂商补丁:
Cisco
Cisco已为此发布了一个安全公告(cisco-sa-20070808-IOS-voice)连同相应补丁:
cisco-sa-20070808-IOS-voice:Voice Vulnerabilities in Cisco IOS and Cisco Unified Communications Manager
链接:http://www.cisco.com/warp/public/707/cisco-sa-20070808-IOS-voice.shtml
