Cisco IOS NAT功能拒绝服务漏洞(CVE-2012-4618)

BUGTRAQ ID: 55693 CVE ID: CVE-2012-4618 Cisco IOS是多数思科系统路由器和网络交换机上使用的互联网络操作系统。NAT SIP ALG功能可通过IP报文的SIP负载内嵌入的IP地址转换，根据SIP部署VoIP解决方案之间的Cisco IOS NAT， Cisco IOS在启用了NAT SIP ALG功能处理SIP报文时存在安全漏洞，NAT SIP ALG是默认启用的并执行了IP报文的SIP负载转换。默认是对UDP端口5060报文转换NAT SIP。该端口使用全局配置命令"ip nat service sip udp port"配置。...

CVE-2012-4618

The CVE-2012-4618 issue affects Cisco IOS Software Network Address Translation NAT with the SIP ALG feature. The vulnerability arises when SIP payloads are translated for in-transit packets, causing a denial of service that can trigger a device reload. Affected IOS versions noted in the sources i...