CVE-2011-3278

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.1 through 12.4 Cisco IOS versions 15.0 through 15.1 Cisco IOS XE version 3.1.xSG

Description The issue is related to the NAT implementation in Cisco IOS, allowing remote attackers to cause a denial of service (device reload) by sending crafted SIP packets to UDP port 5060. The Cisco IOS Software network address translation (NAT) feature contains multiple denial of service (DoS) vulnerabilities in the translation of protocols such as NetMeeting Directory (LDAP), Session Initiation Protocol, and H.323 protocol. These vulnerabilities are caused by packets in transit on the affected devices when those packets require application layer translation.

Recommendations For Cisco IOS versions 12.1 through 12.4, update to a version that addresses these vulnerabilities. For Cisco IOS versions 15.0 through 15.1, update to a version that addresses these vulnerabilities. For Cisco IOS XE version 3.1.xSG, update to a version that addresses these vulnerabilities. As a temporary workaround, consider restricting access to UDP port 5060 to minimize the risk of exploitation.