Cisco会话边界控制器远程拒绝服务漏洞

BUGTRAQ ID: 33975
CVE(CAN) ID: CVE-2009-0619

会话边界控制器（SBC）是位于网络边界的多媒体设备，控制到该网络的呼叫准入。

Cisco SBC中存在漏洞，未经认证的攻击者可以通过在2000端口上发送特制的TCP报文导致Cisco SBC卡重载。反复攻击可导致持续的拒绝服务情况。

Cisco Session Border Controller 3.0(1)
临时解决方法：

• 在RP的信令/媒体VLAN配置ACL。以下示例显示如何将VLAN 140配置为信令/媒体VLAN。

Cisco SBC配置

interface vlan 140
  ip address 10.140.1.90 255.255.255.0
  alias 10.140.1.100 255.255.255.0
  peer ip address 10.140.1.8 255.255.255.0
!
ft interface vlan 77
  ip address 192.168.1.1 255.255.255.0
  peer ip address 192.168.1. 255.255.255.0

RP配置

!- ACL blocking all TCP port 2000 traffic to the 10.140.1.0 internal network
!
access-list 100 deny   tcp any host 10.140.1.100 eq 2000
access-list 100 permit ip any any
!
interface Vlan140
 ip address 10.140.1.1 255.255.255.0
!- ACL is applied to the VLAN interface to egress traffic
  ip access-group 100 out
!

厂商补丁：

Cisco

Cisco已经为此发布了一个安全公告（cisco-sa-20090304-sbc）以及相应补丁:
cisco-sa-20090304-sbc：Cisco 7600 Series Router Session Border Controller Denial of Service Vulnerability
链接：<a href=“http://www.cisco.com/warp/public/707/cisco-sa-20090304-sbc.shtml” target=“_blank”>http://www.cisco.com/warp/public/707/cisco-sa-20090304-sbc.shtml</a>

补丁下载：
<a href=“http://www.cisco.com/pcgi-bin/tablebuild.pl/sbc-7600-crypto” target=“_blank”>http://www.cisco.com/pcgi-bin/tablebuild.pl/sbc-7600-crypto</a>