CVE-2010-0580 — Code Injection in Cisco IOS

Vendor	Product	Version range	Fixed in
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—
cisco	ios	—	—

GHSA

GHSA-crxg-42h5-fw55: Unspecified vulnerability in the SIP implementation in Cisco IOS 12

ghsa_unreviewed·2022-05-02

CVE-2010-0580 [HIGH] GHSA-crxg-42h5-fw55: Unspecified vulnerability in the SIP implementation in Cisco IOS 12 Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability."

Cisco

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

vendor_cisco·2010-03-24·CVSS 10.0

CVE-2010-0579 [CRITICAL] CWE-399 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS® Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled. Remote code execution may also be possible. Cisco has released software updates that address these vulnerabilities. For devices that must run SIP there are no workarounds; however, mitigations are available to limit exposure of the vulnerabilities. This advisory is posted at https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20100324-sip. Note: The March 24, 2010, Cisco IOS Software Security Advisory bundled publication includes seven Securit

Cisco

Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities

vendor_cisco

CVE-2010-0580 Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities CVE-2010-0580: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities Multiple vulnerabilities exist in the Session Initiation Protocol (SIP) implementation in Cisco IOS ® Software that could allow an unauthenticated, remote attacker to cause a reload of an affected device when SIP operation is enabled. Remote code execution may also be possible. Cisco has released software updates that address these vulnerabilities. For devices that must run SIP there are no CWE: CWE-399, CWE-94, CWE-399, CWE-94 Bug IDs: CSCsz48680, CSCsz89904, CSCtb93416, CSCsz48680, CSCsz89904

CVE-2010-0580: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message…

Affected