Intrusion Prevention

IBM.WebSphere.Application.Server.SIP.Processing.DoS

Description

This indicates an attempt to exploit a Denial of Service vulnerability in IBM WebSphere Application Server.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application while handling maliciously crafted requests. A remote attacker can exploit this to perform a denial of service attack on the target server via a crafted SIP message.

Affected Products

IBM WebSphere Application Server 7.0
IBM WebSphere Application Server 8.0
IBM WebSphere Application Server 8.5 Full Profile and Liberty
IBM WebSphere Application Server 8.5.5 Full Profile and Liberty
IBM WebSphere Application Server 9.0

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Apply the latest update from the vendor.
http://www-01.ibm.com/support/docview.wss?uid=swg21984796

CVE References

CVE-2016-2960