SIP: Header Value URI Type Overflow

This signature detects a maliciously crafted Session Initiation Protocol (SIP) request containing a malformed SIP URI. The improperly formatted URI can be designed to exploit a buffer overflow condition in a device that handles the SIP protocol.

Extended Description

Successful exploitation would allow for arbitrary code injection and execution with the privileges of the user running the SIP application. Code injection that does not result in execution would crash the application due to memory corruption and would result in the denial of service condition.

Short Name
VOIP:SIP:OVERFLOW:HDR-URI-OF
Severity
Major
Recommended
False
Recommended Action
Drop
Category
VOIP
Keywords
Header Overflow Type URI Value
Release Date
06/29/2006
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3375
False Positive
Unknown

Found a potential security threat?