Lucene search

[email protected]CVE-2003-1110

HistoryMar 11, 2005 - 5:00 a.m.

CVE-2003-1110

2005-03-1105:00:00

[email protected]

web.nvd.nist.gov

columbia sip user agent

sipc

remote attackers

denial of service

arbitrary code

invite messages

ouspg protos

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.039 Low

EPSS

Percentile

92.0%

JSON

The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite.

Affected configurations

NVD

Node

columbia_universitysipcMatch1.74

CPENameOperatorVersion
columbia_university:sipccolumbia university sipceq1.74

CPE	Name	Operator	Version
columbia_university:sipc	columbia university sipc	eq	1.74

References

securitytracker.com/id?1006167

www.cert.org/advisories/CA-2003-06.html

www.cs.columbia.edu/~xiaotaow/sipc/ouspg.html

www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/

www.kb.cert.org/vuls/id/528719

www.securityfocus.com/bid/6904

exchange.xforce.ibmcloud.com/vulnerabilities/11379

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

7.8 High

AI Score

Confidence

High

0.039 Low

EPSS

Percentile

92.0%

JSON

Related for CVE-2003-1110

nvd1 cvelist1 cisco1