CVE-2007-0961

Name of the Vulnerable Software and Affected Versions: Cisco PIX 500 and ASA 5500 Series Security Appliances versions 6.x through 6.3(5.114), 7.0 through 7.0(5.1), and 7.1 through 7.1(2.4) Cisco FWSM versions 3.x through 3.1(3.23)

Description: The issue allows remote attackers to cause a denial of service, resulting in a device reboot, via malformed SIP packets when the inspect sip option is enabled. This could lead to an unauthenticated, remote attacker causing a denial of service condition.

Recommendations: For Cisco PIX 500 and ASA 5500 Series Security Appliances versions 6.x through 6.3(5.114), update to version 6.3(5.115) or later. For Cisco PIX 500 and ASA 5500 Series Security Appliances versions 7.0 through 7.0(5.1), update to version 7.0(5.2) or later. For Cisco PIX 500 and ASA 5500 Series Security Appliances versions 7.1 through 7.1(2.4), update to version 7.1(2.5) or later. For Cisco FWSM versions 3.x through 3.1(3.23), update to version 3.1(3.24) or later. As a temporary workaround, consider disabling the inspect sip option until a patch is available.