VOIP: IBM WebSphere Application Server SIP Processing Denial of Service

This signature detects attempts to exploit a known vulnerability against IBM WebSphere Application Server. A successful attack can result in a denial-of-service condition.

Extended Description

IBM WebSphere Application Server (WAS) 7.x before 7.0.0.43, 8.0.0.x before 8.0.0.13, 8.5.0.x before 8.5.5.10, 8.5.0.x and 16.0.0.x Liberty before Liberty Fix Pack 16.0.0.3, and 9.0.0.x before 9.0.0.1 allows remote attackers to cause a denial of service via crafted SIP messages.

Affected Products

Ibm websphere_application_server

References

CVE: CVE-2016-2960

Short Name
VOIP:SIP:IBM-WEBAPP-SIP-OVRFL
Severity
Major
Recommended
True
Recommended Action
Drop
Category
VOIP
Keywords
Application CVE-2016-2960 Denial IBM Processing SIP Server Service WebSphere of
Release Date
09/08/2016
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown
Vendors

Ibm

CVSS Score

4.3

Found a potential security threat?