Cisco IP Phone 7940 and 7960 with P0S3-08-6-00 firmware, and other SIP firmware before 8.7(0), allow remote attackers to cause a denial of service (device reboot) via (1) a certain sequence of 10 invalid SIP INVITE and OPTIONS messages; or (2) a certain invalid SIP INVITE message that contains a remote tag, followed by a certain set of two related SIP OPTIONS messages.
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
Link | Tags |
---|---|
http://www.securityfocus.com/bid/25378 | vdb entry, exploit |
https://exchange.xforce.ibmcloud.com/vulnerabilities/36125 | vdb entry |
http://www.cisco.com/warp/public/707/cisco-sr-20070821-sip.shtml | vendor advisory |
http://secunia.com/advisories/26547 | patch, vendor advisory, third party advisory |
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065401.html | mailing list |
http://securityreason.com/securityalert/3042 | third party advisory |
http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065402.html | mailing list |
http://securitytracker.com/id?1018591 | vdb entry |
http://www.vupen.com/english/advisories/2007/2928 | vdb entry, vendor advisory |
http://www.osvdb.org/36695 | vdb entry |