Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-3811

Overview

Vulnerability Score 7.8 7.8
CVE Id CVE-2008-3811
Last Modified 29 Oct 2012 11:15:45
Published 26 Sep 2008 12:21:44
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-3811

Summary

Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810.

Vulnerable Systems

Operating System

  • Cisco Ios 12.4md

  • Cisco Ios 12.4mr

  • Cisco Ios 12.4sw

  • Cisco Ios 12.4t

  • Cisco Ios 12.4xc

  • Cisco Ios 12.4xe

  • Cisco Ios 12.4xf

  • Cisco Ios 12.4xg

  • Cisco Ios 12.4xj

  • Cisco Ios 12.4xk

  • Cisco Ios 12.4xl

  • Cisco Ios 12.4xm

  • Cisco Ios 12.4xn

  • Cisco Ios 12.4xp

  • Cisco Ios 12.4xt

  • Cisco Ios 12.4xv

  • Cisco Ios 12.4xw


References

CISCO - 20080924 Cisco IOS NAT Skinny Call Control Protocol Vulnerability

XF - ios-sccp-fragmentationdos(45535)

VUPEN - ADV-2008-2670

BID - 31359

SECUNIA - 31990

SECTRACK - 1020937


Last Updated: 27 May 2016 11:01:18