[原文]Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port.
Cisco IOS SCCP Control Protocol Malformed Message DoS
Remote / Network Access
Denial of Service
Loss of Availability
Cisco IOS contains a flaw that may allow a remote denial of service. The issue is triggered when an attacker sends a specially crafted SCCP Control protocol message, and will result in loss of availability for the IOS device.
Upgrade to versions 12.3(8)T, 12.2(15)T13, 12.3(4)XN2, 12.2(4)YA8, 12.3(9), 12.2(15)JK2, 12.2(13)T14 or higher, as they have been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.