

   VULNERABILITY NOTE

 

CERT-In Vulnerability Note CIVN-2009-45
Cisco IOS Software Multiple Features Crafted UDP Packet Vulnerability

Original Issue Date: April 09, 2009

Severity Rating: High

Systems Affected

Cisco IOS 12.0 through 12.4, if any of the following features are enabled:

•  IP Service Level Agreements (SLA) Responder
•  Session Initiation Protocol (SIP)
•  H.323 Annex E Call Signaling Transport
•  Media Gateway Control Protocol (MGCP)

Overview

Multiple features of Cisco IOS are prone to a denial of service vulnerability when handling specially crafted UDP packets. An attacker can exploit this issue to trigger an affected device to block an interface and silently drop packets, causing denial of service conditions.

Description

This vulnerability exists in the Cisco IOS Software while processing certain UDP packets. An unauthenticated, remote attacker could exploit this vulnerability by sending crafted UDP packets to the target device, which could result in the interface being blocked, causing denial of service conditions.

Workarounds

•  Disable listening port
•  Use access list
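
Before applying either workaround, it helps to know which of the affected features is actually listening on a device. The following check is an added example, not part of the original note or of Cisco's advisory. It assumes the default UDP ports of the four features (the note lists none), a `show ip sockets`-style column layout, and constructed sample input; all function names are hypothetical.

```python
import re

# Default UDP ports of the four features named in this note (assumption:
# defaults only; the note itself lists no port numbers).
FEATURE_PORTS = {
    1967: "IP SLA Responder",
    5060: "Session Initiation Protocol (SIP)",
    2517: "H.323 Annex E Call Signaling Transport",
    2427: "Media Gateway Control Protocol (MGCP)",
}

def in_affected_train(show_version: str) -> bool:
    """True if the banner reports IOS 12.0 through 12.4 (the range in this note)."""
    m = re.search(r"\bVersion (\d+)\.(\d+)", show_version)
    return bool(m) and (12, 0) <= (int(m.group(1)), int(m.group(2))) <= (12, 4)

def udp_listeners(show_ip_sockets: str) -> set:
    """Local UDP ports from 'show ip sockets'-style rows (protocol 17)."""
    ports = set()
    for line in show_ip_sockets.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "17":
            continue  # header, blank line, or non-UDP row
        # Listener rows: 17 --listen-- <local> <port>; others: 17 <remote> <rport> <local> <port>
        idx = 3 if tok[1] == "--listen--" else 4
        if idx < len(tok) and tok[idx].isdigit():
            ports.add(int(tok[idx]))
    return ports

def exposed_features(show_version: str, show_ip_sockets: str) -> list:
    """Features from the note whose default UDP port is open on an affected train."""
    if not in_affected_train(show_version):
        return []
    open_ports = udp_listeners(show_ip_sockets)
    return sorted(name for port, name in FEATURE_PORTS.items() if port in open_ports)

# Constructed sample input (not captured from a real device).
SAMPLE_VERSION = "Cisco IOS Software, C2800 Software (C2800NM-IPVOICE-M), Version 12.4(15)T, RELEASE SOFTWARE"
SAMPLE_SOCKETS = """\
Proto    Remote      Port      Local       Port  In Out Stat TTY OutputIF
 17 --listen--          192.0.2.1         1967   0   0   11   0
 17 --listen--          192.0.2.1         5060   0   0   11   0
 17 198.51.100.7      514 192.0.2.1        56001  0   0    0   0
 88 198.51.100.9        0 192.0.2.1        2427   0   0    0   0
"""

if __name__ == "__main__":
    for feature in exposed_features(SAMPLE_VERSION, SAMPLE_SOCKETS):
        print("review:", feature)
```

A hit means only that the device is in the 12.0 through 12.4 range with the feature's default port open; whether a given release is already fixed must be confirmed against the vendor advisory.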

Solution

Apply the appropriate fixed versions as mentioned in the CISCO Security Advisory.
http://www.cisco.com/warp/public/707/cisco-sa-20090325-udp.shtml

Vendor Information

CISCO
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90426.shtml

References

CISCO
http://www.cisco.com/en/US/products/products_security_advisory09186a0080a90426.shtml


Security Focus
http://www.securityfocus.com/bid/34245

Secunia
http://secunia.com/advisories/34438

CVE Name:
CVE-2009-0631

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003