Strix
26.1K

CVE-2009-0630

UnknownEPSS 1.76%

Last modified

CVE-2009-0630 is a vulnerability of currently unknown severity. The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets.. EPSS estimates a 1.76% chance of exploitation in the next 30 days.

Description

The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets.

Metrics

EPSS Probability
1.76%

75.2th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
CiscoIos12.0
CiscoIos12.0da
CiscoIos12.0db
CiscoIos12.0dc
CiscoIos12.0s
CiscoIos12.0sc
CiscoIos12.0sl
CiscoIos12.0sp
CiscoIos12.0st
CiscoIos12.0sx
CiscoIos12.0sy
CiscoIos12.0sz
CiscoIos12.0t
CiscoIos12.0w
CiscoIos12.0wc
CiscoIos12.0wt
CiscoIos12.0wx
CiscoIos12.0xa
CiscoIos12.0xb
CiscoIos12.0xc
CiscoIos12.0xd
CiscoIos12.0xe
CiscoIos12.0xg
CiscoIos12.0xh
CiscoIos12.0xi
CiscoIos12.0xj
CiscoIos12.0xk
CiscoIos12.0xl
CiscoIos12.0xm
CiscoIos12.0xn
CiscoIos12.0xq
CiscoIos12.0xr
CiscoIos12.0xs
CiscoIos12.0xt
CiscoIos12.0xv
CiscoIos12.1
CiscoIos12.1aa
CiscoIos12.1ax
CiscoIos12.1ay
CiscoIos12.1az
CiscoIos12.1cx
CiscoIos12.1da
CiscoIos12.1db
CiscoIos12.1dc
CiscoIos12.1e
CiscoIos12.1ea
CiscoIos12.1eb
CiscoIos12.1ec
CiscoIos12.1eo
CiscoIos12.1eu

Showing 50 of 310 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2009-0630?
The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets.
How severe is CVE-2009-0630?
Severity scoring for CVE-2009-0630 is pending analysis. The EPSS model estimates a 1.76% probability of exploitation in the next 30 days.
How do I fix CVE-2009-0630?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2009-0630?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST