Detections
Analytics

SJPhone SIP Client INVITE Transaction Remote DoS

medium Nessus Network Monitor Plugin ID 4105

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running the SJPhone VoIP SIP client.
This protocol is used to connect VoIP users via the Internet. Further, it is alleged that certain versions of SJPhone (prior to 1.65.377a) are prone to a Denial of Service flaw.

Solution

Upgrade or patch according to vendor recommendations.

See Also

http://www.sipera.com/index.php?action=resources,threat_advisory&tid=217&

Plugin Details

Severity: Medium

ID: 4105

Family: Generic

Published: 6/20/2007

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Temporal Score: 5.2

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

CVSS v3

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 6

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:U/RC:X

Vulnerability Information

CPE: cpe:/a:sj_labs:sjphone

Reference Information

CVE: CVE-2007-3351

BID: 24549