Signature Detail

Short Name	VOIP:SIP:RESPR-INV-OPT-OF
Severity	High
Recommended	No
Recommended Action	Drop
Category	VOIP
Release Date	2008/07/21
Update Number	1216
Supported Platforms	idp-4.0+, isg-3.1.134269+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

SIP: ReSIProcate VoIP Overflow

This signature detects attempts to exploit a known vulnerability in ReSIProcate SIP stack. Sending an overly long INVITE or OPTIONS request to a VoIP gateway running ReSIProcate can cause either a denial of service (DoS) or can allow an attacker to take control of the gateway with the priviledges of the gateway process. Patches are available. This signature can trigger on non-malicious sessions from devices that send extra data. Use this signature only if you have a VoIP gateway running ReSIProcate installed in your network.

References

URL: http://labs.mudynamics.com/advisories/MU-200807-01.txt
URL: https://www.resiprocate.org/ReSIProcate_1.3.3_Release

Signature Detail

Short Name

Severity

Recommended

Recommended Action

Category

Release Date

Update Number

Supported Platforms

SIP: ReSIProcate VoIP Overflow

References