sip.edu - sipXtapi Buffer Overflow

Subject: SIP in higher education


  • From: Candace Holman
  • Subject: sipXtapi Buffer Overflow
  • Date: Mon, 10 Jul 2006 18:40:17 -0400

Fyi, released today. Excerpted from SANS @RISK:

SIPfoundry sipXtapi Buffer Overflow

Affected:
sipXtapi library versions compiled before 24-Mar-2006
PingTel products compiled against those versions of the library
AOL Triton products compiled against those versions of the library

Details: SIPfoundry is an international software community dedicated to
accelerating the adoption of SIP (Session Initiation Protocol)-based
VoIP solutions. One of SIPfoundry's products, the sipXtapi library, is
used by multiple cross-platform VoIP applications. This library contains
a buffer overflow that can be triggered by sending a "CSeq" SIP header
field larger than 24 bytes. An attacker can exploit the flaw to execute
arbitrary code with the privileges of the user running the affected
application. Note that several common user applications, including AOL's
Triton messaging application, are compiled using vulnerable versions of
the library. Exploit code for this vulnerability has been publicly
posted.

Status: SIPfoundry confirmed, updates available. Updates from PingTel
and AOL are also available.

References:
Posting by Michael Thumann
http://archives.neohapsis.com/archives/fulldisclosure/2006-07/0160.html
SIPfoundry sipXtapi Home Page
http://www.sipfoundry.org/sipXtapi/index.html
SIPfoundry Home Page
http://www.sipfoundry.org/
SecurityFocus BID
http://www.securityfocus.com/bid/18906
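
Added example, not part of the original message, the SANS excerpt, or sipXtapi's code: a defensive CSeq value parser that checks the field length before copying anything, which is the check whose absence the advisory describes. The 24-byte limit comes from the advisory; the names `parse_cseq`, `cseq_t` and `CSEQ_METHOD_MAX`, and the restriction of the method to uppercase letters, are assumptions made for illustration.

```c
#include <ctype.h>
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define CSEQ_FIELD_MAX  24  /* field size quoted in the advisory */
#define CSEQ_METHOD_MAX 16  /* assumed cap for the method token */

/* Hypothetical result type; not part of sipXtapi. */
typedef struct {
    uint32_t seq;
    char method[CSEQ_METHOD_MAX];
} cseq_t;

/* Parse a CSeq header value ("<number> <METHOD>") of `len` bytes.
 * Returns 0 on success, -1 if the value is oversized or malformed.
 * Oversized input is rejected, never truncated or copied. */
int parse_cseq(const char *val, size_t len, cseq_t *out)
{
    char buf[CSEQ_FIELD_MAX + 1];
    char *end;
    unsigned long n;
    size_t mlen;

    if (val == NULL || out == NULL || len == 0 || len > CSEQ_FIELD_MAX)
        return -1;                        /* length check comes first */
    if (memchr(val, '\0', len) != NULL)
        return -1;                        /* embedded NUL byte */
    memcpy(buf, val, len);                /* len <= CSEQ_FIELD_MAX here */
    buf[len] = '\0';

    if (!isdigit((unsigned char)buf[0]))
        return -1;                        /* no sign, no leading space */
    errno = 0;
    n = strtoul(buf, &end, 10);
    if (errno != 0 || n > 0x7FFFFFFFUL)   /* RFC 3261: CSeq < 2^31 */
        return -1;
    if (*end != ' ' && *end != '\t')
        return -1;                        /* separator is required */
    while (*end == ' ' || *end == '\t')
        end++;
    mlen = strlen(end);
    if (mlen == 0 || mlen >= CSEQ_METHOD_MAX)
        return -1;
    for (size_t i = 0; i < mlen; i++)     /* assumption: A-Z only */
        if (!isupper((unsigned char)end[i]))
            return -1;
    memcpy(out->method, end, mlen + 1);   /* fits: mlen < CSEQ_METHOD_MAX */
    out->seq = (uint32_t)n;
    return 0;
}
```

The caller passes the header value's length as measured from the received message, so the function never relies on the sender's data being NUL-terminated.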



