Lucene search

[email protected]CVE-2003-1112

HistoryMar 11, 2005 - 5:00 a.m.

CVE-2003-1112

2005-03-1105:00:00

[email protected]

web.nvd.nist.gov

ingate

firewall

siparator

sip

implementation

cve-2003-1112

denial of service

remote attack

arbitrary code execution

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.9%

JSON

The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.

Affected configurations

NVD

Node

ingateingate_firewall

ingateingate_siparator

CPENameOperatorVersion
ingate:ingate_firewallingate ingate firewalleq*
ingate:ingate_siparatoringate ingate siparatoreq*

CPE	Name	Operator	Version
ingate:ingate_firewall	ingate ingate firewall	eq	*
ingate:ingate_siparator	ingate ingate siparator	eq	*

References

www.cert.org/advisories/CA-2003-06.html

www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/

www.kb.cert.org/vuls/id/528719

www.securityfocus.com/bid/6904

exchange.xforce.ibmcloud.com/vulnerabilities/11379

7.8 High

AI Score

Confidence

High

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.9%

JSON

Related for CVE-2003-1112

cvelist1 nvd1 cisco1