Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 VOIP:SIP:AUDIT:INV-CHARACTER

Severity

 Medium

Recommended

 No

Category

 VOIP

Keywords

 sip invalid character

Release Date

 2006/08/30

Update Number

 1213

Supported Platforms

 idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SIP: Invalid Character


This anomaly triggers when it detects non-printable ASCII characters in the first line of a Session Initiation Protocol (SIP) request or response.

Extended Description

Many vulnerabilities in Ethereal have been disclosed by the vendor. The reported issues are in various protocol dissectors. These issues include: - Buffer-overflow vulnerabilities - Format-string vulnerabilities - NULL-pointer dereference denial-of-service vulnerabilities - Segmentation fault denial-of-service vulnerabilities - Infinite-loop denial-of-service vulnerabilities - Memory exhaustion denial-of-service vulnerabilities - Double-free vulnerabilities - Unspecified denial-of-service vulnerabilities These issues could allow remote attackers to execute arbitrary machine code in the context of the vulnerable application. Attackers could also crash the affected application. Various vulnerabilities affect several versions of Ethereal, from 0.8.14 through to 0.10.10. This BID will be split into individual BIDs for each separate issue. BID 13567 has been created for the DISTCC issue.

Affected Products

  • Avaya Converged Communications Server 2.0.0
  • Avaya S8300 R2.0.0
  • Avaya S8300 R2.0.1
  • Avaya S8500 R2.0.0
  • Avaya S8500 R2.0.1
  • Avaya S8700 R2.0.0
  • Avaya S8700 R2.0.1
  • Avaya S8710 R2.0.0
  • Avaya S8710 R2.0.1
  • Conectiva Linux 10.0.0
  • Conectiva Linux 9.0.0
  • Ethereal Group Ethereal 0.10.0
  • Ethereal Group Ethereal 0.10.0 .10
  • Ethereal Group Ethereal 0.10.1
  • Ethereal Group Ethereal 0.10.2
  • Ethereal Group Ethereal 0.10.3
  • Ethereal Group Ethereal 0.10.5
  • Ethereal Group Ethereal 0.10.6
  • Ethereal Group Ethereal 0.10.7
  • Ethereal Group Ethereal 0.10.8
  • Ethereal Group Ethereal 0.10.9
  • Ethereal Group Ethereal 0.8.14
  • Ethereal Group Ethereal 0.8.15
  • Ethereal Group Ethereal 0.8.18
  • Ethereal Group Ethereal 0.8.19
  • Ethereal Group Ethereal 0.9.0
  • Ethereal Group Ethereal 0.9.1
  • Ethereal Group Ethereal 0.9.10
  • Ethereal Group Ethereal 0.9.11
  • Ethereal Group Ethereal 0.9.12
  • Ethereal Group Ethereal 0.9.13
  • Ethereal Group Ethereal 0.9.14
  • Ethereal Group Ethereal 0.9.15
  • Ethereal Group Ethereal 0.9.16
  • Ethereal Group Ethereal 0.9.2
  • Ethereal Group Ethereal 0.9.3
  • Ethereal Group Ethereal 0.9.4
  • Ethereal Group Ethereal 0.9.5
  • Ethereal Group Ethereal 0.9.6
  • Ethereal Group Ethereal 0.9.7
  • Ethereal Group Ethereal 0.9.8
  • Ethereal Group Ethereal 0.9.9
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0
  • Red Hat Advanced Workstation for the Itanium Processor 2.1.0 IA64
  • Red Hat Desktop 3.0.0
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux AS 2.1
  • Red Hat Enterprise Linux AS 2.1 IA64
  • Red Hat Enterprise Linux AS 3
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux ES 2.1
  • Red Hat Enterprise Linux ES 2.1 IA64
  • Red Hat Enterprise Linux ES 3
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux WS 2.1
  • Red Hat Enterprise Linux WS 2.1 IA64
  • Red Hat Enterprise Linux WS 3
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora Core1
  • Red Hat Fedora Core2
  • Red Hat Linux 7.3.0
  • Red Hat Linux 7.3.0 I386
  • Red Hat Linux 7.3.0 I686
  • Red Hat Linux 9.0.0 I386
  • SGI Advanced Linux Environment 3.0.0
  • SGI ProPack 2.4.0
  • SGI ProPack 3.0.0
  • SuSE Linux 1.0.0
  • SuSE Linux 2.0.0
  • SuSE Linux 3.0.0
  • SuSE Linux 4.0.0
  • SuSE Linux 4.2.0
  • SuSE Linux 4.3.0
  • SuSE Linux 4.4.0
  • SuSE Linux 4.4.1
  • SuSE Linux 5.0.0
  • SuSE Linux 5.1.0
  • SuSE Linux 5.2.0
  • SuSE Linux 5.3.0
  • SuSE Linux 6.0.0
  • SuSE Linux 6.1.0
  • SuSE Linux 6.1.0 alpha
  • SuSE Linux 6.2.0
  • SuSE Linux 6.3.0
  • SuSE Linux 6.3.0 alpha
  • SuSE Linux 6.3.0 ppc
  • SuSE Linux 6.4.0
  • SuSE Linux 6.4.0 Alpha
  • SuSE Linux 6.4.0 i386
  • SuSE Linux 6.4.0 ppc
  • SuSE Linux 7.0.0
  • SuSE Linux 7.0.0 Alpha
  • SuSE Linux 7.0.0 i386
  • SuSE Linux 7.0.0 ppc
  • SuSE Linux 7.0.0 sparc
  • SuSE Linux 7.1.0
  • SuSE Linux 7.1.0 Alpha
  • SuSE Linux 7.1.0 ppc
  • SuSE Linux 7.1.0 sparc
  • SuSE Linux 7.1.0 x86
  • SuSE Linux 7.2.0
  • SuSE Linux 7.2.0 i386
  • SuSE Linux 7.3.0
  • SuSE Linux 7.3.0 i386
  • SuSE Linux 7.3.0 ppc
  • SuSE Linux 7.3.0 sparc
  • SuSE Linux 8.0.0
  • SuSE Linux 8.0.0 i386
  • SuSE Linux 8.1.0
  • SuSE Linux Connectivity Server
  • SuSE Linux Database Server
  • SuSE Linux Desktop 1.0.0
  • SuSE Linux Enterprise Server for S/390 9.0.0
  • SuSE Linux Enterprise Server for S/390
  • SuSE Linux IMAP Server 1.0.0
  • SuSE Linux Office Server
  • SuSE Linux Openexchange Server
  • SuSE Linux Personal 8.2.0
  • SuSE Linux Personal 9.0.0
  • SuSE Linux Personal 9.0.0 X86 64
  • SuSE Linux Personal 9.1.0
  • SuSE Linux Personal 9.1.0 X86 64
  • SuSE Linux Personal 9.2.0
  • SuSE Linux Personal 9.2.0 X86 64
  • SuSE Linux Personal 9.3.0
  • SuSE Linux Professional 7.3.0
  • SuSE Linux Professional 8.2.0
  • SuSE Novell Linux Desktop 1.0.0
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Open-Enterprise-Server 9.0.0
  • SuSE SuSE eMail Server 3.1.0
  • SuSE SuSE eMail Server III
  • SuSE SUSE Linux Enterprise Server 7
  • SuSE SUSE Linux Enterprise Server 8
  • SuSE SUSE Linux Enterprise Server 9
  • SuSE SuSE Linux School Server for i386

References

  • BugTraq: 13504
  • CVE: CVE-2005-1461
  • URL: http://www.frsirt.com/english/advisories/2005/0470
  • URL: http://www.ethereal.com/appnotes/enpa-sa-00019.html

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out