A vulnerability in Session Initiation Protocol (SIP) processing functions of the Cisco Unified Communications Manager Instant Messaging (IM) and Presence Service could allow an unauthenticated, remote attacker to cause the Cisco SIP Proxy Daemon (sipd) process to restart unexpectedly, resulting in a denial of service (DoS) condition on a targeted system. The vulnerability is due to improper input validation of SIP packet headers. An attacker could exploit this vulnerability by sending a crafted SIP packet to a targeted system. A successful exploit could allow the attacker to cause the sipd process to restart unexpectedly, resulting in a DoS condition on the system. If the sipd process restarts repeatedly, a successful exploit could also result in a sustained DoS condition and cause high disk utilization due to a large number of sipd core files being written to disk, which could exacerbate the DoS condition. Cisco has released software updates that address this vulnerability. There are no workarounds that address this vulnerability. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160803-ucm
admin: show version active Active Master Version: 11.5.1.10000-4 Active Version Installed Software Options: No Installed Software Options Found.
file delete activelog /core/core.*.sipd.* noconfirm
Version | Description | Section | Status | Date |
---|---|---|---|---|
1.1 | Added COP file for 11.5(1) | Fixed Software | Final | 2016-August-05 |
1.0 | Initial public release. | - | Final | 2016-August-03 |
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES THE RIGHT TO CHANGE OR UPDATE THIS DOCUMENT AT ANY TIME.
A standalone copy or paraphrase of the text of this document that omits the distribution URL is an uncontrolled copy and may lack important information or contain factual errors. The information in this document is intended for end users of Cisco products.