FierceWirelessFierceWirelessEuropeFierceDeveloperFierceMobileContentFierceBroadbandWirelessFierceEnterpriseCommunicationsFierceIPTVFierceTelecomFierceOnlineVideoFierceCable

Free Newsletter

About | View Sample | Privacy

Mu Finds Vulnerability in ReSIProcate

July 13, 2008 — 9:21pm ET | By
Tools

Late on Friday, July 11, Mu Dynamics announced it had discovered a vulnerability in ReSIProcate that could affect several VoIP products.

ReSIProcate is a SIP stack and the advisory applies to any product using repro SIP proxy/registrar 1.3.2; any product using the ReSIProcate stack 1.3.2 may also be vulnerable.  A malformed INVITE or OPTIONS message to the "repro" SIP proxy/registrar can crash the process; the fix is to update to version 1.3.3 issued on July 3, 2008.

Exactly how vulnerable current VoIP deployments are to the vulnerability is an open question; the advisory says the bug was fixed by the ReSIProcate development team in a revision sent out on April 23 and the ReSIProcate development team issued a formal bug fix on July 3.  There is also not a laundry list of commercial and/or open source vendors incorporating reSIProcate into their products.

For more:
- MarketWatch runs MuDynamics security notification
- reSIProcate project website

Related articles:
Avaya, Cisco and Nortel Patching VoIP ASAP
Newport Networks Riles Up VoIP Security Fears


SHARE
WITH:
Email Twitter Facebook LinkedIn StumbleUpon
Get Your FREE FierceEnterpriseCommunications Email Newsletter:


More stories about VoIP Technology   VoIP Security   sip technology   mu systems   Vulnerability   Bug Fix