CVE-2007-0961
First published: Fri Feb 16 2007(Updated: )
Cisco PIX 500 and ASA 5500 Series Security Appliances 6.x before 6.3(5.115), 7.0 before 7.0(5.2), and 7.1 before 7.1(2.5), and the FWSM 3.x before 3.1(3.24), when the "inspect sip" option is enabled, allows remote attackers to cause a denial of service (device reboot) via malformed SIP packets.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Cisco PIX Firewall | =7.2 | |
| Cisco PIX Firewall | =7.1 | |
| Cisco ASA 5500 CSC-SSM | =7.0 | |
| Cisco ASA 5500 CSC-SSM | =7.2 | |
| Cisco ASA 5500 CSC-SSM | =6.3 | |
| Cisco ASA 5500 CSC-SSM | =7.1 | |
| Cisco PIX Firewall | =7.0 | |
| Cisco PIX Firewall | =6.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2484.shtml
- http://www.cisco.com/en/US/products/products_security_advisory09186a00807e2481.shtml
- http://www.securityfocus.com/bid/22562
- http://securitytracker.com/id?1017651
- http://secunia.com/advisories/24160
- http://secunia.com/advisories/24180
- http://www.kb.cert.org/vuls/id/430969
- http://www.securityfocus.com/bid/22561
- http://www.securitytracker.com/id?1017652
- http://secunia.com/advisories/24179
- http://osvdb.org/33054
- http://www.vupen.com/english/advisories/2007/0608
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32501
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32487
Frequently Asked Questions
What is the severity of CVE-2007-0961?
CVE-2007-0961 is classified as a high severity vulnerability due to its potential to cause denial of service.
How do I fix CVE-2007-0961?
To fix CVE-2007-0961, update to the latest software versions as recommended by Cisco.
Which Cisco devices are affected by CVE-2007-0961?
CVE-2007-0961 affects Cisco PIX 500 and ASA 5500 Series devices running specified versions prior to their respective patches.
What does CVE-2007-0961 exploit?
CVE-2007-0961 exploits the 'inspect sip' option, allowing attackers to use malformed SIP packets to reboot the device.
Can CVE-2007-0961 be exploited remotely?
Yes, CVE-2007-0961 can be exploited remotely by attackers sending malformed SIP packets.
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/author
- agent/severity
- agent/last-modified-date
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/cisco
- canonical/cisco pix firewall
- version/cisco pix firewall/7.2
- version/cisco pix firewall/7.1
- canonical/cisco asa 5500 csc-ssm
- version/cisco asa 5500 csc-ssm/7.0
- version/cisco asa 5500 csc-ssm/7.2
- version/cisco asa 5500 csc-ssm/6.3
- version/cisco asa 5500 csc-ssm/7.1
- version/cisco pix firewall/7.0
- version/cisco pix firewall/6.3