CERT Warns of SIP Vulnerabilities
The text-based signaling protocol contains numerous security bugs that could lead to denial-of-service attacks.
A security alert from CERT/CC said the vulnerabilities open the doors for an attacker to gain unauthorized privileged access, cause denial-of-service attacks, or cause unstable system behavior.
It warned that text-based SIP
The Center recommended that SIP-enabled devices and services be disabled until vendor patches are made available. "As a temporary measure, it may be possible to limit the scope of these vulnerabilities by blocking access to SIP devices and services at the network perimeter," CERT/CC said.