Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 VOIP:SIP:LIMITS:CSEQ-OF

Severity

 High

Recommended

 No

Recommended Action

 Drop Packet

Category

 VOIP

Keywords

 CSEQ Too Long

Release Date

 2007/07/18

Update Number

 1213

Supported Platforms

 idp-4.0.110090709+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SIP: CSEQ Too Long


This signature triggers on traffic containing SIP CSeq: headers longer than 32 bytes, which can indicate a potential issue.

Extended Description

Asterisk is prone to multiple remote denial-of-service vulnerabilities. Successful exploits can crash the SIP channel driver, resulting in denial-of-service conditions for legitimate users. The issues affect the Asterisk 1.6.1. NOTE: Other versions may also include the affected code but may not be exploitable because they do not allow SIP packets to exceed 1500 bytes total.

Affected Products

  • Asterisk 1.6.1
  • Asterisk 1.6.2
  • Asterisk 1.6.3
  • Gentoo Linux
  • Red Hat Fedora 10

References

  • BugTraq: 36015
  • CVE: CVE-2009-2726
  • URL: http://www.ietf.org/rfc/rfc3261.txt

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out