CERT Warns of SIP Vulnerabilities

The CERT Coordination Center on Thursday warned of numerous security vulnerabilities in vendor implementations of Session Initiation Protocol (SIP), a signaling protocol for Web conferencing, telephony, presence, events notification and instant messaging.

A security alert from CERT/CC said the vulnerabilities open the doors for an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.

It warned that text-based SIP protocol, used primarily in Voice-over IP telephony, instant messaging and other presence applications, contained holes in the subset related to invite message. Tests on a variety of popular SIP-enabled products detected "unexpected system behavior and denial-of-services to remote code execution."

The Center recommended that SIP-enabled devices and services be disabled until vendor patches are made available. "As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SIP devices and services at the network perimeter," CERT/CC said.

SIP-enabled products from IPTel and Nortel Networks were found to be vulnerable.