Vigil@nce: Cisco 7600, denial of service via SBC
March 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can send a malicious packet in order to stop the
Session Border Controller module on the Cisco 7600 router.
Gravity: 2/4
Consequences: denial of service of service
Provenance: internet client
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 04/03/2009
IMPACTED PRODUCTS
– Cisco Router
DESCRIPTION OF THE VULNERABILITY
The SBC (Cisco Session Border Controller) module can be installed
on a Cisco 7600 router to establish interconnections, for VoIP.
This module listens on the port 2000/tcp.
However, when this module receives malformed data, it stops (but
the router is not stopped). Technical details are unknown.
An attacker can therefore send a malicious TCP packet in order to
stop the Session Border Controller module on the Cisco 7600 router.
CHARACTERISTICS
Identifiers: 109483, 109611, BID-33975, BID-34003,
cisco-sa-20090304-sbc, CSCsq18958, CVE-2009-0619,
VIGILANCE-VUL-8508
http://vigilance.fr/vulnerability/Cisco-7600-denial-of-service-via-SBC-8508