- Cisco IP Phone Model 7940/7960 running SIP images prior to 4.2
- Cisco Routers running Cisco IOS 12.2T and 12.2 "X" trains
- Cisco PIX Firewall running software versions with SIP support, beginning with version 5.2(1) and up to, but not including, versions 6.2(2), 6.1(4), 6.0(4), and 5.2(9)
- Nortel reports that its Succession Communication Server 2000 and SCS2000-compact where SIP-T is used will require a patch. Nortel Networks says it will release the patch soon.
- IPTel reports that versions of SIP Express Router through 0.8.9 are vulnerable. The company recommends an immediate upgrade to 0.8.10 and suggests that users also apply a patch to the upgrade. Click here for more information.
- According to the CERT vendor listing, Lucent is still testing its products.
- Nokia reports that its VPN products don't initiate SIP sessions.
- NEC has reported that some products, including the IX 1000/2000/5000 Router Series, have already been tested and do not support SIP, but the company is still testing other products.
- Microsoft products use SIP clients but are not affected by this threat.
sip 5060/tcp # Session Initiation Protocol (SIP)
sip 5061/tcp # Session Initiation Protocol (SIP) over TLS However, you should also keep in mind that blocking SIP could also prevent access to some utilised services. Final word If you -- like most of us -- are interested in the proper release of information about vulnerabilities such as this one (and others I feature in this column), the University of Oulu offers an excellent resource on this topic that includes various links on vulnerability disclosure policies.
For a weekly round-up of the enterprise IT news, sign up for the Enterpise newsletter.
Tell us what you think in the Enterprise Mailroom.
