Denial of Service Vulnerability in Cisco IOS and Unified Communications Manager
CVE-2008-3800

Currently unrated

Key Information:

Vendor: Cisco
Status: Unified Callmanager; Unified Communications Manager; Ios
Vendor: CVE Published:; 26 September 2008

What is CVE-2008-3800?

A vulnerability exists in the Session Initiation Protocol (SIP) implementation of Cisco IOS versions 12.2 to 12.4 and Unified Communications Manager versions 4.1 to 6.1. When VoIP is configured, this vulnerability allows remote attackers to exploit unspecified valid SIP messages, potentially triggering a denial of service by causing a device or process to reload. This issue is documented under Cisco Bug ID CSCsu38644 and is distinct from related vulnerabilities.

References

http://secunia.com/advisories/31990

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/31367

vdb-entryx_refsource_BID

https://oval.cisecurity.org/repository/search/definition/...

vdb-entrysignaturex_refsource_OVAL

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 26, 2008
Vulnerability Reserved
Aug 27, 2008