CVE-2007-4295

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.0 through 12.4

Description The issue allows remote attackers to execute arbitrary code via a malformed SIP packet. Multiple voice-related vulnerabilities are identified in Cisco IOS software, pertaining to protocols or features such as Session Initiation Protocol (SIP), Media Gateway Control Protocol (MGCP), H.323, H.254, Real-time Transport Protocol (RTP), and facsimile reception.

Recommendations For Cisco IOS versions 12.0 through 12.4, update to a fixed version of Cisco IOS software that contains fixes for all vulnerabilities mentioned in the advisory. As a temporary workaround, consider disabling the affected protocols or features, such as SIP, MGCP, H.323, H.254, RTP, and facsimile reception, until a patch is available.