CERT Warns of SIP Vulnerabilities

The CERT Coordination Center on Thursday warned of numerous security
vulnerabilities in vendor implementations of Session Initiation Protocol
(SIP), a signaling protocol for Web conferencing, telephony, presence,
events notification and instant messaging.

A security
alert
from CERT/CC said the vulnerabilities open the doors for an
attacker to gain unauthorized privileged access, cause denial-of-service
attacks, or cause unstable system behavior.

It warned that text-based SIP protocol, used primarily in
Voice-over IP telephony, instant messaging and other presence applications,
contained holes in the subset related to invite message. Tests on a
variety of popular SIP-enabled products detected “unexpected system behavior
and denial-of-services to remote code execution.”

The Center recommended that SIP-enabled devices and services be disabled
until vendor patches are made available. “As a temporary measure, it may
be possible to limit the scope of these vulnerabilities by blocking access
to SIP devices and services at the network perimeter,” CERT/CC said.

SIP-enabled products from IPTel and Nortel Networks were found to be
vulnerable.

News Around the Web