SES SIP SQL Denial of Service
Avaya Communication Manager and SIP Enablement Services (SES) use the SIP protocol to improve the connectivity and openness of Communication Manager by allowing SIP-based clients to connect to it.
SIP users typically employ basic authentication to authenticate to the server. By using valid credentials, an attacker can inject arbitrary SQL commands that cause the SES to consume all available resources, degrading the availability and quality of service for all users.
Denial of Service
Communication Manager 3.1.x, Communication Manager 4.x
To address this vulnerability, Avaya recommends upgrading to SES version 5.1 or later. More details can be found at http://support.avaya.com/elmodocs2/security/ASA-2008-150.htm
In the short term, it is recommended to deploy a VoIP-aware IPS product, such as VoIPguard, with signatures that detect attempts to exploit this issue. Implementing best practices can limit exposure by disallowing SIP access from unauthorized network locations.
Implementing stronger authentication can help reduce the number of attackers in a position to exploit the issue, though it requires additional system management effort.
Avaya customers with a valid support agreement may wish to speak with their support contact in order to obtain further vendor details.