Multiple Vendor Session Initiation Protocol Vulnerabilities

Multiple Vendor Session Initiation Protocol Vulnerabilities

The Oulu University Secure Programming Group has reported numerous vulnerabilities in Session Initiation Protocol (SIP) implementations. These issues may be exploited to cause a denial of services in devices which implement the protocol. It has also been reported that unauthorized access to devices may occur under some circumstances.

These issues are related to handling of SIP INVITE messages.

Exploitation and the specific nature of each vulnerability may depend on the particular implementation.