Signature Detail

SIP: MultiTech VoIP Gateway Invite Overflow

This signature detects attempts to exploit a known vulnerability in MultiTech's VoIP Gateway product. Sending an overly long INVITE request to a MultiTech VOIP Gateway can cause either a denial of service (DoS) or can allow an attacker to take control of the gateway with the priviledges of the gateway process. Patches are available. This signature can trigger on non-malicious sessions from devices that send extra data. Use this signature only if you have a MultiTech VOIP Gateway installed in your network.

Extended Description

MultiTech MultiVOIP devices are prone to a remotely exploitable buffer overflow vulnerability. Successful exploitation could result in a denial of service or potential arbitrary code execution. This vulnerability may also be present in third-party devices that implement the MultiTech VOIP Gateway and protocol stack.

Affected Products

• MultiTech MultiVOIP

References

• BugTraq: 15711
• CVE: CVE-2005-4050
• URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4050
• URL: http://www.frsirt.com/english/advisories/2005/2781