Intrusion Prevention

SIP.Invite.Invalid.IP4.DoS

Description

This indicates an attack attempt against a denial-of-service vulnerability in the channel driver in Asterisk.
The vulnerability is caused by an error when the vulnerable software handles a specially crafted SIP INVITE message. It allows a remote attacker to cause a denial of service.

Affected Products

Asterisk Asterisk 1.4.1
Asterisk Asterisk 1.2.16
Asterisk Asterisk 1.2.15
Asterisk Asterisk 1.2.14

Impact

Denial of service

Recommended Actions

Upgrade to Asterisk version 1.4.2 or 1.2.17:
http://www.asterisk.org/downloads

CVE References

CVE-2007-1561