Condorlab

CISCO – BuffOverflow – DoS


Advisory IDRSN-SIP-1560


Vulnerability Information
A vulnerability in the Session Initiation Protocol (SIP) implementationof Cisco IP Phone 8851 11.0(0.1) could allow an unauthenticated, remoteattacker to cause a denial of service (DoS) condition. Thevulnerability is due to an abnormal SIP message. An attacker couldexploit this vulnerability by manipulating the CANCEL packet. Anexploit could allow the attacker to cause a disruption of service tothe phone. Cisco Bug IDs: CSCvc34795.


Release Date
2017-05-21 00:00:00


Solutions
RedShift Networks UCTM solution provides the industry’s first complete security solution developed for securing VOIP networks, endpoints and applications. Its dedicated CONDOR labs research team constantly scouts for new attack patterns, advanced penetration testing methods, vulnerabilities identification and roll out of new signatures to subscribed customers on a constant basis. For more information, visit www.redshiftnetworks.com


External Resources
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6630
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6630