
Copyright © 2008 SecPod, All rights reserved.
info@secpod.com

SecPod ID: 10050

Microsoft Communications Server SIP Invite Denial of Service Vulnerability

Status: Public Report

Release Date: 02-12-2008

Severity: Medium

CVSS Base Score: 5.0 (AV:N/AC:L/Au:NR/C:N/I:N/A:P)

CVSS Temporal Score: 4.5

Affected Software/OS/Device:

Microsoft Communications Server 2007.

Impact Level: System

Snort Signature ID:

Vulnerability Insight:

 

Overview:

Microsoft Communications Server is prone to a denial of service vulnerability.

 

Description:

The vulnerability is due to a flaw in the processing of SIP messages, which can
cause the server to consume a huge amount of CPU resources and can deny service as well.

 

Impact:

Successful exploitation lets an attacker cause a denial of service
and can crash the listening server.

 

CVSS Score Report:    

    ACCESS_VECTOR = NETWORK
    ACCESS_COMPLEXITY = LOW
    AUTHENTICATION = NOT_REQUIRED
    CONFIDENTIALITY_IMPACT = NONE
    INTEGRITY_IMPACT = NONE
    AVAILABILITY_IMPACT = PARTIAL
    EXPLOITABILITY = PROOF_OF_CONCEPT
    REMEDIATION_LEVEL = UNAVAILABLE
    REPORT_CONFIDENCE = CONFIRMED
    CVSS Base Score = 5.0 (AV:N/AC:L/Au:NR/C:N/I:N/A:P)
    CVSS Temporal Score = 4.5
    Risk factor = Medium
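
The base and temporal scores in this report can be reproduced from the listed metrics with the CVSS version 2 equations. The Python below is an added example, not part of the SecPod advisory; the weights are those of the CVSS v2 specification, and the temporal value names other than the three shown in the report are assumed spellings in the same style.

```python
# CVSS v2 metric weights from the public CVSS v2 specification.
BASE_WEIGHTS = {
    "AV": {"L": 0.395, "A": 0.646, "N": 1.0},
    "AC": {"H": 0.35, "M": 0.61, "L": 0.71},
    # "NR" is this advisory's spelling of "not required"; the spec writes "N".
    "Au": {"M": 0.45, "S": 0.56, "N": 0.704, "NR": 0.704},
    "C": {"N": 0.0, "P": 0.275, "C": 0.660},
    "I": {"N": 0.0, "P": 0.275, "C": 0.660},
    "A": {"N": 0.0, "P": 0.275, "C": 0.660},
}
# Keys follow the report's field names; value names not shown in the
# report (e.g. OFFICIAL_FIX) are assumed spellings.
TEMPORAL_WEIGHTS = {
    "EXPLOITABILITY": {"UNPROVEN": 0.85, "PROOF_OF_CONCEPT": 0.90,
                       "FUNCTIONAL": 0.95, "HIGH": 1.0},
    "REMEDIATION_LEVEL": {"OFFICIAL_FIX": 0.87, "TEMPORARY_FIX": 0.90,
                          "WORKAROUND": 0.95, "UNAVAILABLE": 1.0},
    "REPORT_CONFIDENCE": {"UNCONFIRMED": 0.90, "UNCORROBORATED": 0.95,
                          "CONFIRMED": 1.0},
}

def parse_vector(vector):
    """Map 'AV:N/AC:L/...' to weights; reject unknown or missing metrics."""
    weights = {}
    for part in vector.strip("()").split("/"):
        name, _, value = part.partition(":")
        if name not in BASE_WEIGHTS or value not in BASE_WEIGHTS[name]:
            raise ValueError(f"unknown metric or value: {part!r}")
        weights[name] = BASE_WEIGHTS[name][value]
    missing = set(BASE_WEIGHTS) - set(weights)
    if missing:
        raise ValueError(f"missing metrics: {sorted(missing)}")
    return weights

def base_score(vector):
    w = parse_vector(vector)
    impact = 10.41 * (1 - (1 - w["C"]) * (1 - w["I"]) * (1 - w["A"]))
    exploitability = 20 * w["AV"] * w["AC"] * w["Au"]
    f = 0.0 if impact == 0 else 1.176  # no impact means a score of 0
    return round((0.6 * impact + 0.4 * exploitability - 1.5) * f, 1)

def temporal_score(base, report):
    """report maps the advisory's temporal field names to their values."""
    score = base
    for field, table in TEMPORAL_WEIGHTS.items():
        score *= table[report[field]]
    return round(score, 1)
```

With the report's vector, base_score returns 5.0, and applying PROOF_OF_CONCEPT, UNAVAILABLE and CONFIRMED to that base gives 4.5, matching the values stated above.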

 

Fix:

No solution or patch is available as of 02nd December, 2008. Information
regarding this issue will be updated once the solution details are available.

For updates, refer to:
http://office.microsoft.com/en-us/communicationsserver/FX101729111033.aspx

 

References:
http://secunia.com/Advisories/32940
http://www.voipshield.com/research-details.php?id=133
http://milw0rm.com/exploits/7262
http://xforce.iss.net/xforce/xfdb/46673

 

 

 

 

 

 
