Denial of Service : SIP Express Router Missing To in ACK DoS

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 146377 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.11964

Kategorie: Denial of Service

Titel: SIP Express Router Missing To in ACK DoS

Zusammenfassung: The remote host is a SIP Express Router (SER).;; The SER product has been found to contain a vulnerability where ACKs; requests without a To header, when SER has been enabled to use the SL module,; can be used to crash the product.

Beschreibung: Summary:
The remote host is a SIP Express Router (SER).

The SER product has been found to contain a vulnerability where ACKs
requests without a To header, when SER has been enabled to use the SL module,
can be used to crash the product.

Solution:
Upgrade to version 0.8.10.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2003-1108
BugTraq ID: 6904
http://www.securityfocus.com/bid/6904
http://www.cert.org/advisories/CA-2003-06.html
CERT/CC vulnerability note: VU#528719
http://www.kb.cert.org/vuls/id/528719
http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5831
XForce ISS Database: sip-invite(11379)
https://exchange.xforce.ibmcloud.com/vulnerabilities/11379

Copyright Copyright (C) 2003 Noam Rathaus

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.11964
Kategorie:	Denial of Service
Titel:	SIP Express Router Missing To in ACK DoS
Zusammenfassung:	The remote host is a SIP Express Router (SER).;; The SER product has been found to contain a vulnerability where ACKs; requests without a To header, when SER has been enabled to use the SL module,; can be used to crash the product.
Beschreibung:	Summary: The remote host is a SIP Express Router (SER). The SER product has been found to contain a vulnerability where ACKs requests without a To header, when SER has been enabled to use the SL module, can be used to crash the product. Solution: Upgrade to version 0.8.10. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2003-1108 BugTraq ID: 6904 http://www.securityfocus.com/bid/6904 http://www.cert.org/advisories/CA-2003-06.html CERT/CC vulnerability note: VU#528719 http://www.kb.cert.org/vuls/id/528719 http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5831 XForce ISS Database: sip-invite(11379) https://exchange.xforce.ibmcloud.com/vulnerabilities/11379
Copyright	Copyright (C) 2003 Noam Rathaus