FKIE_CVE-2007-0961

Vulnerability from fkie_nvd - Published: 2007-02-16 00:28 - Updated: 2025-04-09 00:30
Severity ?
Summary
Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets.
References
cve@mitre.orghttp://osvdb.org/33054
cve@mitre.orghttp://secunia.com/advisories/24160Vendor Advisory
cve@mitre.orghttp://secunia.com/advisories/24179
cve@mitre.orghttp://secunia.com/advisories/24180Patch, Vendor Advisory
cve@mitre.orghttp://securitytracker.com/id?1017651Patch
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtmlPatch, Vendor Advisory
cve@mitre.orghttp://www.kb.cert.org/vuls/id/430969US Government Resource
cve@mitre.orghttp://www.securityfocus.com/bid/22561
cve@mitre.orghttp://www.securityfocus.com/bid/22562
cve@mitre.orghttp://www.securitytracker.com/id?1017652
cve@mitre.orghttp://www.vupen.com/english/advisories/2007/0608
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/32487
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/32501
af854a3a-2127-422b-91ae-364da2661108http://osvdb.org/33054
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24160Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24179
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/24180Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1017651Patch
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtmlPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/430969US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22561
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/22562
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1017652
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2007/0608
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/32487
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/32501
Impacted products
Vendor Product Version
cisco asa_5500 6.3
cisco asa_5500 7.0
cisco asa_5500 7.1
cisco asa_5500 7.2
cisco pix_firewall_software 6.3
cisco pix_firewall_software 7.0
cisco pix_firewall_software 7.1
cisco pix_firewall_software 7.2
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FF9E603-AACA-471C-AD21-617F2C93A9C3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "891B8FA4-B602-42C5-A94F-8C60BBF7A7D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "856917BD-179B-4C43-8EA6-034254720B63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:h:cisco:asa_5500:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "800D4D6A-0814-4D83-8E66-945687AE58D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F867890-74A4-4892-B99A-27DB4603B873",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "B009CCE4-908C-4830-B0E0-7B4CB33280F9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:7.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "640CDC78-22D3-4E60-8D36-F088D8DB27DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:pix_firewall_software:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "20DD5D7A-5AF6-4847-A001-926B13FB8B26",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the \"inspect sip\" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets."
    },
    {
      "lang": "es",
      "value": "Cisco PIX 500 y ASA 5500 Series Security Appliances 6.x versiones anteriores a 6.3(5.115), 7.0 versiones anteriores a 7.0(5.2), y 7.1 versiones anteriores a 7.1(2.5), y el FWSM 3.x versiones anteriores a 3.1(3.24), cuando la opci\u00f3n \"inspect sip\" est\u00e1 habilitada, permite a atacantes remotos provocar una denegaci\u00f3n de servicio (reinicio de dispositivo) mediante paquetes SIP mal-formados."
    }
  ],
  "id": "CVE-2007-0961",
  "lastModified": "2025-04-09T00:30:58.490",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2007-02-16T00:28:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://osvdb.org/33054"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24160"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/24179"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24180"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1017651"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/430969"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22561"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/22562"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securitytracker.com/id?1017652"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2007/0608"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32487"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://osvdb.org/33054"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24160"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/24179"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/24180"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://securitytracker.com/id?1017651"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/430969"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22561"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/22562"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1017652"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2007/0608"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32487"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32501"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.