‘Cisco PGW Softswitch Multiple Vulnerabilities’


Multiple Vulnerabilities were identified on Cisco PGW Softswitch.’


‘The original article can be found at: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b2c519.shtml


Vulnerable Systems:
 * CSCsz13590 9.8(1)S5
 * CSCsl39126 9.7(3)S11
 * CSCsk32606 9.7(3)S11
 * CSCsk44115 9.7(3)S11, 9.7(3)P11
 * CSCsk40030 9.7(3)S10
 * CSCsk38165 9.7(3)S10
 * CSCsj98521 9.7(3)S9, 9.7(3)P9
 * CSCsk04588 9.7(3)S9, 9.7(3)P9
 * CSCsk13561 9.7(3)S9, 9.7(3)P9

Immune Systems:
 * Cisco IOS Software is not affected by these vulnerabilities.

Multiple DoS vulnerabilities exist in the Cisco PGW 2200 Softswitch SIP implementation, and one vulnerability is in the MGCP implementation.

SIP is a popular signaling protocol used to manage voice and video calls across IP networks such as the Internet. SIP is responsible for handling all aspects of call setup and termination. Voice and video are the most popular types of sessions that SIP handles, but the protocol is flexible to accommodate for other applications that require call setup and termination. SIP call signaling can use UDP (port 5060), TCP (port 5060), or Transport Layer Security (TLS; TCP port 5061) as the underlying transport protocol.

MGCP is the protocol for controlling telephony gateways from external call control elements known as media gateway controllers or call agents. A telephony gateway is a network element that provides conversion between the audio signals carried on telephone circuits and data packets carried over the Internet or other packet networks.

Patch Availability:
When considering software upgrades, also consult http://www.cisco.com/go/psirt and any subsequent advisories to determine exposure and a complete upgrade solution. In all cases, customers should exercise caution to be certain the devices to be upgraded contain sufficient memory and that current hardware and software configurations will continue to be supported properly by the new release. If the information is not clear, contact the Cisco Technical Assistance Center (TAC) or your contracted maintenance provider for assistance.

There are no workarounds for the vulnerabilities in this advisory. In the case of the vulnerability that corresponds to Cisco Bug ID CSCsk13561, administrator must manually reboot the affected device to restore the device’s ability to accept new connections. Because vulnerability prevents new TCP-based session to be created, this reboot can be initiated only from the console. If a failover device is configured, existing sessions will continue while the affected device is reloading. Without a failover device, all active sessions will be terminated while the affected device is reloading.

CVE Information:

Disclosure Timeline:
2010-May-12: Initial public release.’

Categories: News