SJPhone SIP Client INVITE Transaction Remote DoS

Medium Nessus Network Monitor Plugin ID 4105

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running the SJPhone VoIP SIP client.
This protocol is used to connect VoIP users via the Internet. Further, it is alleged that certain versions of SJPhone (prior to 1.65.377a) are prone to a Denial of Service flaw.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.sipera.com/index.php?action=resources

threat_advisory&tid=217&

Plugin Details

Severity: Medium

ID: 4105

File Name: 4105.prm

Family: Generic

Published: 2007/06/20

Modified: 2016/11/23

Dependencies: 4106

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 6.1

Temporal Score: 5.2

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Temporal Vector: CVSS2#E:U/RL:U/RC:ND

CVSSv3

Base Score: 6.4

Temporal Score: 5.8

Vector: CVSS3#AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS3#E:U/RL:U/RC:X

Reference Information

CVE: CVE-2007-3351

BID: 24549