'[Sip-implementors] [OUSPG#0106 VU#528719]Multiple vulnerabilities in implementations of SIP'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sip-implementors
Subject:    [Sip-implementors] [OUSPG#0106 VU#528719]Multiple vulnerabilities in implementations of SIP
From:       Christian Wieser <chwieser () ees2 ! oulu ! fi>
Date:       2003-02-21 16:31:35
Message-ID: 200302211631.h1LGVZ711526 () ee ! oulu ! fi
[Download RAW message or body]

Dear colleagues,

[slightly shortened from CERT/CC advisory]
OUSPG's most recent research focused on a subset of SIP related to the
INVITE messages. By applying the PROTOS c07-sip test suite to
a variety of popular SIP-enabled products, the OUSPG discovered
impacts ranging from unexpected system behavior and denial of services
to remote code execution.

You can get the full advisory from 

  http://www.cert.org/advisories/CA-2003-06.html

and the "PROTOS Test-Suite: c07-sip" can be found at

  http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/

We are happy for any feedback!

Best regards,

Christian Wieser
mailto:chwieser@ee.oulu.fi

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic