|
Multiple Vendor Session Initiation Protocol Vulnerabilities
Solution: Cisco IP Phone models 7940 and 7960 with SIP images prior to 4.2 are affected. Cisco has addressed this issue in Cisco IP Phone SIP Images P0S3-04-2-00 and later. Cisco has fixed this issue in PIX Firewall 5.2(9), 6.0(4), 6.1(4), and 6.2(2) and later. Cisco IOS 12.2(11)T3 and 12.2(13)T1 include fixes. Further details may be found in the attached Cisco advisory. IPTel has addressed this issue in SIP Express Router 0.8.10. Users are advised to upgrade and also apply all patches available for this version. partysip, a freely available implementation of a SIP proxy server, is prone to these issues. *** It has been discovered that partysip 0.5.5 still contained vulnerable attributes. partysip 0.5.6 has been released which addresses these issues. Nortel Networks has announced that fixes are pending for Succession Communication Server 2000 and Succession Communication Server 2000 - Compact. Alcatel is currently developing a fix which will address this issue. Users are advised to contact Alcatel for further information. Users of Sipc are advised to contact kchin@sipcomm.com to obtain information on obtaining the Sipc 2.0 update. It has been discovered that GNU oSIP is affected by this issue. oSIP 0.9.6 has been released which addresses the problem. Dynamicsoft has announced that various applications may be vulnerable to this issue. Further information can be found in the attached advisory. partysip partysip 0.5.1 -1
partysip partysip 0.5.1
partysip partysip 0.5.2 -1
partysip partysip 0.5.2
partysip partysip 0.5.3 -1
partysip partysip 0.5.3
partysip partysip 0.5.4
partysip partysip 0.5.5
GNU osip 0.9.5
|
|
|
Privacy Statement |
