SIP Express Router Missing To In ACK DoS Network Vulnerability

Summary

The remote host is a SIP Express Router (SER). The SER product has been found to contain a vulnerability where ACKs requests without a To header, when SER has been enabled to use the SL module, can be used to crash the product.

Solution

Upgrade to version 0.8.10. For additional details see: http://www.cert.org/advisories/CA-2003-06.html

Severity

Classification

CVE CVE-2003-1108

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Firefox XUL Parsing Denial of Service Vulnerability (Linux)
DB2 DOS
Asterisk RTP Text Frames Denial Of Service Vulnerability
Comodo Internet Security Denial of Service Vulnerability July 13
at32 Reverse Proxy Multiple HTTP Header Fields Denial Of Service Vulnerability

SIP Express Router Missing To in ACK DoS

Take action and discover your vulnerabilities