-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2012-0028
Title: Cisco TelePresence Video Communication Server Session Initiation
       Protocol Denial of Service Vulnerabilities
Version history: 01.03.2012 Initial publication

Summary
=======

CVSS Base Scores

CVE-2012-0330: Error while processing malformed SIP message
CVSS v2 Base Score: 7.8 (HIGH) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [3]

CVE-2012-0331: Tandberg SIP INVITE vulnerability
CVSS v2 Base Score: 7.8 (HIGH) (AV:N/AC:L/Au:N/C:N/I:N/A:C) [3]

Both vectors read the same way: exploitable remotely over the network, low
attack complexity, no authentication required, no impact on confidentiality
or integrity, and a complete loss of availability of the device.

Affected Versions
=================

For both vulnerabilities: all three variants of Cisco TelePresence Video
Communication Server (Control, Expressway, and Starter Pack Express) are
affected.

Original Details
================

CVE-2012-0330 and CVE-2012-0331

Software versions prior to X7.0.1 contain vulnerabilities that could cause a
crash of the affected device and result in a denial of service (DoS)
condition. These vulnerabilities are triggered by a crafted Session Initiation
Protocol (SIP) packet sent to an affected device over either TCP or UDP on
port 5060 or 5061. No authentication is required, so any host that can reach
those ports can trigger the crash.

What can you do?
================

Deploy the updated versions of the software [2].

Workarounds: there are no workarounds that mitigate these vulnerabilities.

Additional mitigations that can be deployed on Cisco devices within the
network are available in the Cisco Applied Intelligence companion document
for this advisory [4].

To improve the security posture of their installations, users are advised to
consult the Cisco TelePresence Hardening Guide [5].

What to tell your users?
========================

N/A

More information
================

[1] CISCO
    http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20120229-vcs
[2] CISCO Software Download
    http://www.cisco.com/cisco/software/find.html?q=nx-os
[3] Information about CVSS:
    http://www.first.org/cvss/cvss-guide.html
[4] Mitigation
    http://tools.cisco.com/security/center/content/CiscoAppliedMitigationBulletin/cisco-amb-20120229-vcs
[5] Hardening
    http://www.cisco.com/web/about/security/intelligence/TP_Harden_Guide_wp.html

Best regards,
CERT-EU

CERT-EU Pre-configuration Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383 FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383

(DISCLAIMER: CERT-EU, the CERT for the EU institutions, is currently in its
setup phase, until May 2012. Services are provided in a pilot fashion and are
not yet fully functional. Announcements, alerts and warnings are sent out on a
best-effort basis, to the contact information currently known to us. We
apologise if you are not the correct recipient, or if you had already been
warned about this issue from another source. Format, content and way of
alerting are subject to change in the future. Contact information or even the
team name may change as well.)
-----BEGIN PGP SIGNATURE-----
Version: BCPG v1.39

iQJXBAEBAgBBBQJPTz2EOhxDRVJUIGZvciB0aGUgRXVyb3BlYW4gSW5zdGl0dXRp
b25zIDxjZXJ0LWV1QGVjLmV1cm9wYS5ldT4ACgkQJ6QGykasQ4P9dg//eQLAD6BF
liFs8nLhqARWia9NAnIolryYPvpTPW7WnOQqTlCe/6nrVKf4zv9f+kgSsZhULxfl
3olmOLre8KIKwGvgVTLM813Ezbz1I3oeuF5fZo5pJ3Gacn6HO3S4jfVcwjlQ1rBV
n4RxXu94LYvyV02Jk5ZU5rDxzyhC/lN4tr7JNQVGiuQfGlDwBxfol93gmbcanmq0
vc+2EksWzLgpP91I/NU5qf+yiCXWFvQsnamIZMRPafJXEmU6BWV2kgqRtwRwzBag
wMlG44js63OmMu9SARcxGSWV7Kf/Ozca97knsY+5vOgcRb2ziPvTZYkD1awjsv0a
hD0SOboeE8KxwQNnvDWyrFZ/hI/bTpm0B8YNEQI3R1iFCT5mwuq77OQK0h6ju6C0
X2E3qZUMzQixJ/JAHcCEtrJ9SwuwahfCHAdCxzMSbESnxUNTgIwuiX76XJ3cmluI
ZgMjgQ55+aciymJ3ueTLTCwsKMUI7xGuMjlwz88IHi7qxEx+6p/wBjF6MRnU/aav
diC2PqCqOcIAlltNYRJZC+zNEF4+FNjSaRXODYrZGWr67x+ofWeG9prmH5S0T31X
tjAG8BcY6+/0PyuP0frDO86Z8y3Nq2/4U31Wwrze+XAO3V+dzcRluKAO7VPmeUHh
Xw9smrUSkqDV3sxZEIkJgAq/isC4/R8aql4=
=oxlY
-----END PGP SIGNATURE-----
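The advisory gives two concrete things to act on: a version cut-off (anything before X7.0.1 is affected) and two ports on two transports that any unauthenticated host can reach. The script below is an added triage example, not part of the signed CERT-EU advisory and not Cisco tooling. It encodes the version check and, until the upgrade is done, lists which hosts outside a trusted-peer allow-list are actually reaching TCP/UDP 5060 or 5061 on the VCS. Assumptions not stated on the page: VCS version strings have the shape X7.0.1 (leading X, dot-separated integers, short forms like X7.0 padded with zeros); the flow-log format, the addresses and the allow-list are constructed for the example. Cisco's own network-side mitigations are in the Applied Mitigation Bulletin [4]; this script only tells you whether untrusted sources are currently hitting the SIP ports.

```python
"""Exposure triage for CERT-EU 2012-0028 / cisco-sa-20120229-vcs.

Added example, not part of the CERT-EU advisory or of any Cisco tool.
Assumptions (not on the page): VCS version strings look like "X7.0.1";
the flow-log format, addresses and allow-list below are constructed.
"""
from __future__ import annotations

import json
import re
from typing import Iterable

FIXED_IN = (7, 0, 1)          # first fixed release named in the advisory: X7.0.1
SIP_PORTS = {5060, 5061}      # ports named in the advisory
SIP_PROTOS = {"tcp", "udp"}   # both transports are affected

_VERSION_RE = re.compile(r"^[xX]?(\d+(?:\.\d+)*)$")


def parse_vcs_version(version: str) -> tuple[int, ...]:
    """Turn 'X7.0.1' into (7, 0, 1); pad to three parts so X7.0 sorts as X7.0.0."""
    m = _VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised VCS version string: {version!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    return parts + (0,) * max(0, 3 - len(parts))


def is_affected(version: str) -> bool:
    """True for any release prior to X7.0.1, which is what the advisory states."""
    return parse_vcs_version(version) < FIXED_IN


# Constructed flow-log lines (not from any real device):
#   "<timestamp> <src> -> <dst> <proto>/<dport>"
SAMPLE_FLOWS = """\
2012-03-01T09:00:01Z 198.51.100.20 -> 192.0.2.10 udp/5060
2012-03-01T09:00:02Z 203.0.113.7 -> 192.0.2.10 tcp/5061
2012-03-01T09:00:03Z 198.51.100.21 -> 192.0.2.10 tcp/5060
2012-03-01T09:00:04Z 203.0.113.9 -> 192.0.2.10 tcp/443
2012-03-01T09:00:05Z 203.0.113.7 -> 192.0.2.10 udp/5060
"""

# Assumed allow-list of SIP peers that are supposed to talk to the VCS.
TRUSTED_SIP_PEERS = {"198.51.100.20", "198.51.100.21"}

_FLOW_RE = re.compile(r"^(\S+) (\S+) -> (\S+) (tcp|udp)/(\d+)$")


def untrusted_sip_sources(flow_lines: Iterable[str],
                          trusted: set[str]) -> list[tuple[str, str, int]]:
    """Return (src, proto, port) for SIP-port flows whose source is not allow-listed.

    Distinct tuples in first-seen order, so a noisy host shows up once per
    transport/port rather than once per packet. Lines that do not match the
    expected record shape are skipped rather than guessed at.
    """
    seen: list[tuple[str, str, int]] = []
    for line in flow_lines:
        line = line.strip()
        if not line:
            continue
        m = _FLOW_RE.match(line)
        if not m:
            continue
        _ts, src, _dst, proto, port_s = m.groups()
        port = int(port_s)
        if proto in SIP_PROTOS and port in SIP_PORTS and src not in trusted:
            rec = (src, proto, port)
            if rec not in seen:
                seen.append(rec)
    return seen


def triage(version: str, flow_lines: Iterable[str], trusted: set[str]) -> dict:
    """Combine the version check and the exposure check into one verdict."""
    affected = is_affected(version)
    return {
        "version": version,
        "affected": affected,
        "untrusted_sip_sources": untrusted_sip_sources(flow_lines, trusted),
        "action": ("upgrade to X7.0.1 or later; no workaround exists"
                   if affected else "not affected by this advisory"),
    }


if __name__ == "__main__":
    verdict = triage("X7.0", SAMPLE_FLOWS.splitlines(), TRUSTED_SIP_PEERS)
    print(json.dumps(verdict, indent=2))
```

Run it against the real running version (from the VCS web interface or `xStatus SystemUnit Software Version`, which is an assumption about where the string lives, not something the advisory states) and against your own flow or firewall logs after adapting `_FLOW_RE`. Two untrusted sources on the SIP ports plus an affected version means the device is reachable by hosts that can crash it at will; the non-SIP flow on port 443 is deliberately ignored because it is outside this advisory's scope.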