Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerabilities
The original article can be found at: http://www.cisco.com/warp/public/707/cisco-sa-20100922-cucmsip.shtml
* Cisco Unified Communications Manager 6.x
* Cisco Unified Communications Manager 7.x
* Cisco Unified Communications Manager 8.x
* Cisco Unified Communications Manager 4.x
Cisco Unified Communications Manager contains two DoS vulnerabilities in the processing of SIP messages. Each vulnerability is triggered by a malformed SIP message that could cause a critical process to fail, which could result in the disruption of voice services. All SIP ports (TCP ports 5060 and 5061 and UDP ports 5060 and 5061) are affected.
Please refer to section ‘Software Versions and Fixes’ at:
Cisco Unified Communications Manager versions 6.1, 7.1 and 8.0 introduced the ability to disable SIP processing. SIP processing is enabled by default. Use the following instructions to disable SIP processing:
Step 1: Log in to the Cisco Unified CM Administration web interface.
Step 2: Navigate to System > Service Parameters and select the appropriate Cisco Unified Communications Manager server and the ‘Cisco CallManager’ service.
Step 3: Change the ‘SIP Interoperability Enabled’ parameter to False, and click Save.
For information on how to restart the service, refer to the ‘Restarting the Cisco CallManager Service’ section of the document at:
2010-September-22 Public Release