VoIP.SIP.INVITE.Message.PROTOS.Test.Suite

description-logoDescription

This indicates an attempt to exploit one of several vulnerabilities in various implementations of the Session Initiation Protocol (SIP).
The vulnerabilities are a result of deficiencies in the handling of INVITE messages in several vendors' implementations. A remote authenticated attacker can cause a denial of service and possibly execute arbitrary code via crafted INVITE messages.

affected-products-logoAffected Products

Avaya Converged Communication Server Any version
Cisco IOS 12.2T
Cisco IOS 12.2X
Cisco IP Phone 7940
Cisco IP Phone 7960
Cisco PIX Firewall 5.2(1) and later
Columbia University Sipc 1.74
Dymanicsoft Java SIP User Agent 6.0
Dymanicsoft Java SIP User Agent 5.0
Dymanicsoft C++ SIP User Agent
Dymanicsoft AppEngine
GNU osip 0.9.5
IPTel SIP Express Router (ser) 0.8.9 and prior
Nortel Succession Communication Server 2000
Nortel Succession Communication Server 2000 - Compact
partysip partysip 0.5.5 and prior

Impact logoImpact

System compromise: remote code execution.

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)