CVE-2011-3276

Name of the Vulnerable Software and Affected Versions Cisco IOS versions 12.1 through 12.4 Cisco IOS versions 15.0 through 15.1 Cisco IOS XE version 3.1.xSG

Description The issue affects the NAT implementation, allowing remote attackers to cause a denial of service by sending crafted SIP packets to TCP port 5060. This is due to multiple denial of service vulnerabilities in the translation of protocols such as NetMeeting Directory (LDAP), Session Initiation Protocol, and H.323 protocol. These vulnerabilities occur when packets in transit require application layer translation.

Recommendations For Cisco IOS versions 12.1 through 12.4, update to a version that addresses these vulnerabilities. For Cisco IOS versions 15.0 through 15.1, update to a version that addresses these vulnerabilities. For Cisco IOS XE version 3.1.xSG, update to a version that addresses these vulnerabilities. As a temporary workaround, consider restricting access to TCP port 5060 to minimize the risk of exploitation.