FKIE_CVE-2008-3810

Vulnerability from fkie_nvd - Published: 2008-09-26 16:21 - Updated: 2026-06-16 22:56
Severity
Summary
Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811.
Impacted products
Vendor Product Version
cisco ios 12.4md
cisco ios 12.4mr
cisco ios 12.4sw
cisco ios 12.4t
cisco ios 12.4xc
cisco ios 12.4xe
cisco ios 12.4xf
cisco ios 12.4xg
cisco ios 12.4xj
cisco ios 12.4xk
cisco ios 12.4xl
cisco ios 12.4xm
cisco ios 12.4xn
cisco ios 12.4xp
cisco ios 12.4xt
cisco ios 12.4xv
cisco ios 12.4xw

{
  "affected": [
    {
      "affectedData": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "source": "psirt@cisco.com"
    }
  ],
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4md:*:*:*:*:*:*:*",
              "matchCriteriaId": "A2222EED-6CB2-4D18-8AF5-FAE55BC6213F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4mr:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7414D32-88A1-416E-A717-3F47B6D1BE74",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4sw:*:*:*:*:*:*:*",
              "matchCriteriaId": "370DC543-AC01-4B91-88C7-60C323E35929",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4t:*:*:*:*:*:*:*",
              "matchCriteriaId": "BEAD7398-D1B2-47FB-952D-8C3162D5A363",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xc:*:*:*:*:*:*:*",
              "matchCriteriaId": "544BD924-2CBD-4130-BBD3-5AD084C85FE5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xe:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1F36C3D-E9A2-41A1-BE71-4D8B00D228E0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xf:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D1CD80F-E898-41CE-8A86-28C2F48B928A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xg:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C3C3B97-7F1E-4B87-AD44-E4230BCDAB7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xj:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF610051-1638-4C1B-9864-11E34EFC4DE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xk:*:*:*:*:*:*:*",
              "matchCriteriaId": "78260223-50C0-48F8-9A65-AE67489E602C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xl:*:*:*:*:*:*:*",
              "matchCriteriaId": "18E39462-4CEE-4C29-8B60-50E05FCF3E91",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xm:*:*:*:*:*:*:*",
              "matchCriteriaId": "3FF16123-CCA0-4ECD-9B8C-AC1534C3F244",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xn:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC7454AF-7610-4CD3-BD2B-95A6C3283811",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xp:*:*:*:*:*:*:*",
              "matchCriteriaId": "AB633E6C-025C-4B31-ABE7-8318C813376B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xt:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFED1FFB-899D-4A48-9CCA-0B8737AE1408",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xv:*:*:*:*:*:*:*",
              "matchCriteriaId": "883FA166-2973-42BA-842D-28FBDBFEAC4A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:cisco:ios:12.4xw:*:*:*:*:*:*:*",
              "matchCriteriaId": "4362045B-7065-4FF9-A977-B3DA7894F831",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811."
    },
    {
      "lang": "es",
      "value": "En Cisco IOS v12.2 y 12.4, cuando el soporte de Fragmentaci\u00f3n del protocolo de control de llamada NAT Skinny (SCCP) est\u00e1 habilitado, permite a atacantes de control remoto causar denegaci\u00f3n de servicio (reinicio de dispositivo) a trav\u00e9s de mensajes SCCP segmentados, aka CSCsg22426, una vulnerabilidad distinta de CVE-2008-3811."
    }
  ],
  "id": "CVE-2008-3810",
  "lastModified": "2026-06-16T22:56:35.087",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 7.8,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2008-09-26T16:21:44.300",
  "references": [
    {
      "source": "psirt@cisco.com",
      "url": "http://secunia.com/advisories/31990"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0148e.shtml"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securityfocus.com/bid/31359"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.securitytracker.com/id?1020937"
    },
    {
      "source": "psirt@cisco.com",
      "url": "http://www.vupen.com/english/advisories/2008/2670"
    },
    {
      "source": "psirt@cisco.com",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6112"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/31990"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.cisco.com/en/US/products/products_security_advisory09186a0080a0148e.shtml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/31359"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id?1020937"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2008/2670"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6112"
    }
  ],
  "sourceIdentifier": "psirt@cisco.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…