Lucene search

[email protected]CVE-2003-1109

HistoryMar 11, 2005 - 5:00 a.m.

CVE-2003-1109

2005-03-1105:00:00

[email protected]

web.nvd.nist.gov

sip

cisco

remote attack

denial of service

arbitrary code execution

vulnerability

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.4%

JSON

The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.

Affected configurations

NVD

Node

ciscoiosMatch12.2\(1\)xa

ciscoiosMatch12.2\(1\)xd

ciscoiosMatch12.2\(1\)xd1

ciscoiosMatch12.2\(1\)xd3

ciscoiosMatch12.2\(1\)xd4

ciscoiosMatch12.2\(1\)xe

ciscoiosMatch12.2\(1\)xe2

ciscoiosMatch12.2\(1\)xe3

ciscoiosMatch12.2\(1\)xh

ciscoiosMatch12.2\(1\)xq

ciscoiosMatch12.2\(1\)xs

ciscoiosMatch12.2\(1\)xs1

ciscoiosMatch12.2\(2\)t4

ciscoiosMatch12.2\(2\)xa

ciscoiosMatch12.2\(2\)xa1

ciscoiosMatch12.2\(2\)xa5

ciscoiosMatch12.2\(2\)xb

ciscoiosMatch12.2\(2\)xb3

ciscoiosMatch12.2\(2\)xb4

ciscoiosMatch12.2\(2\)xf

ciscoiosMatch12.2\(2\)xg

ciscoiosMatch12.2\(2\)xh

ciscoiosMatch12.2\(2\)xh2

ciscoiosMatch12.2\(2\)xh3

ciscoiosMatch12.2\(2\)xi

ciscoiosMatch12.2\(2\)xi1

ciscoiosMatch12.2\(2\)xi2

ciscoiosMatch12.2\(2\)xj

ciscoiosMatch12.2\(2\)xj1

ciscoiosMatch12.2\(2\)xk

ciscoiosMatch12.2\(2\)xk2

ciscoiosMatch12.2\(2\)xn

ciscoiosMatch12.2\(2\)xt

ciscoiosMatch12.2\(2\)xt3

ciscoiosMatch12.2\(2\)xu

ciscoiosMatch12.2\(2\)xu2

ciscoiosMatch12.2\(11\)t

ciscoiosMatch12.2t

ciscoiosMatch12.2xa

ciscoiosMatch12.2xb

ciscoiosMatch12.2xc

ciscoiosMatch12.2xd

ciscoiosMatch12.2xe

ciscoiosMatch12.2xf

ciscoiosMatch12.2xg

ciscoiosMatch12.2xh

ciscoiosMatch12.2xi

ciscoiosMatch12.2xj

ciscoiosMatch12.2xk

ciscoiosMatch12.2xl

ciscoiosMatch12.2xm

ciscoiosMatch12.2xn

ciscoiosMatch12.2xq

ciscoiosMatch12.2xr

ciscoiosMatch12.2xs

ciscoiosMatch12.2xt

ciscoiosMatch12.2xw

AND

ciscoip_phone_7940

ciscoip_phone_7960

ciscopix_firewall_softwareMatch5.2\(1\)

ciscopix_firewall_softwareMatch5.2\(2\)

ciscopix_firewall_softwareMatch5.2\(3.210\)

ciscopix_firewall_softwareMatch5.2\(5\)

ciscopix_firewall_softwareMatch5.2\(6\)

ciscopix_firewall_softwareMatch5.2\(7\)

ciscopix_firewall_softwareMatch5.3

ciscopix_firewall_softwareMatch5.3\(1\)

ciscopix_firewall_softwareMatch5.3\(1.200\)

ciscopix_firewall_softwareMatch5.3\(2\)

ciscopix_firewall_softwareMatch5.3\(3\)

ciscopix_firewall_softwareMatch6.0

ciscopix_firewall_softwareMatch6.0\(1\)

ciscopix_firewall_softwareMatch6.0\(2\)

ciscopix_firewall_softwareMatch6.1\(2\)

ciscopix_firewall_softwareMatch6.2\(1\)

CPENameOperatorVersion
cisco:ioscisco ioseq12.2\(1\)xa
cisco:ioscisco ioseq12.2\(1\)xd
cisco:ioscisco ioseq12.2\(1\)xd1
cisco:ioscisco ioseq12.2\(1\)xd3
cisco:ioscisco ioseq12.2\(1\)xd4
cisco:ioscisco ioseq12.2\(1\)xe
cisco:ioscisco ioseq12.2\(1\)xe2
cisco:ioscisco ioseq12.2\(1\)xe3
cisco:ioscisco ioseq12.2\(1\)xh
cisco:ioscisco ioseq12.2\(1\)xq

CPE	Name	Operator	Version
cisco:ios	cisco ios	eq	12.2\(1\)xa
cisco:ios	cisco ios	eq	12.2\(1\)xd
cisco:ios	cisco ios	eq	12.2\(1\)xd1
cisco:ios	cisco ios	eq	12.2\(1\)xd3
cisco:ios	cisco ios	eq	12.2\(1\)xd4
cisco:ios	cisco ios	eq	12.2\(1\)xe
cisco:ios	cisco ios	eq	12.2\(1\)xe2
cisco:ios	cisco ios	eq	12.2\(1\)xe3
cisco:ios	cisco ios	eq	12.2\(1\)xh
cisco:ios	cisco ios	eq	12.2\(1\)xq

Rows per page:

1-10 of 751

References

www.cert.org/advisories/CA-2003-06.html

www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml

www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/

www.kb.cert.org/vuls/id/528719

www.securityfocus.com/bid/6904

www.securitytracker.com/id?1006143

www.securitytracker.com/id?1006144

www.securitytracker.com/id?1006145

exchange.xforce.ibmcloud.com/vulnerabilities/11379

7.7 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.044 Low

EPSS

Percentile

92.4%

JSON

Related for CVE-2003-1109

nessus2 nvd1 cvelist1 cisco1