SIP Express Router Missing To In ACK DoS Network Vulnerability

Summary

The remote host is a SIP Express Router (SER). The SER product has been found to contain a vulnerability where ACKs requests without a To header, when SER has been enabled to use the SL module, can be used to crash the product.

Solution

Upgrade to version 0.8.10. For additional details see: http://www.cert.org/advisories/CA-2003-06.html

Severity

Classification

CVE CVE-2003-1108
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

avast! AntiVirus Multiple BOF Vulnerabilities (Linux)
freeFTPD PORT Command Denial of Service Vulnerability
Active Perl Denial of Service Vulnerability Feb 2014 (Windows)
Asterisk Products Invalid SDP SIP Channel Driver DoS Vulnerability
Comodo Internet Security Denial of Service Vulnerability-04

SIP Express Router Missing To in ACK DoS

Take action and discover your vulnerabilities