Update: SIP vulnerability found by PROTOS test suite
Per Cederqvist
ceder@ingate.com
27 Feb 2003 11:26:54 +0100
On February 24, 2003, I wrote:
> On February 21, 2003 CERT/CC released "CERT Advisory CA-2003-06
> Multiple vulnerabilities in implementations of the Session
> Initiation Protocol (SIP)". We have now tested Ingate Firewall
> version 3.1.1, and found that it is vulnerable to the problem if the
> SIP relay is active.
>
> [...] We do not yet know if execution of arbitrary code is possible
> due to this problem.
(See http://lists.ingate.com/pipermail/productinfo/2003/000001.html
for the full mail.)
We have now analyzed the issues uncovered by the PROTOS test suite.
None of the problems we found could be used to gain unauthorized
access to the Ingate Firewall/Ingate SIParator or to the protected
networks. They can, however, be used in a denial-of-service attack.
We will make a new release that fixes these problems as soon as
possible. I believe we will be able to release it early next week.
--
Per Cederqvist <ceder@ingate.com>, Director Development, Ingate Systems AB