CVE-2003-1108

Name of the Vulnerable Software and Affected Versions Alcatel OmniPCX Enterprise version 5.0 Lx

Description The issue concerns the Session Initiation Protocol (SIP) implementation, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages.

Recommendations For Alcatel OmniPCX Enterprise version 5.0 Lx, consider restricting access to the SIP implementation until a patch is available. As a temporary workaround, disabling the handling of INVITE messages may help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.