22th Feb 2003 [SBWID-6010]
COMMAND
	Cisco SIP remote crash
SYSTEMS AFFECTED
	  * Cisco IP Phone Model 7940/7960 running SIP images prior to 4.2
	  * Cisco Routers running Cisco IOS 12.2T and 12.2 'X' trains
	  * Cisco PIX Firewall running software versions with SIP support, beginning
	    with version 5.2(1) and up to, but not including versions 6.2(2), 6.1(4),
	    6.0(4) and 5.2(9)
	Cisco products that are not running the SIP  protocol  or  that  do  not
	provide Network Address Translation (NAT) fixup  services  for  the  SIP
	protocol are not affected.
PROBLEM
	From Cisco Security Advisory: "Multiple  Product  Vulnerabilities  found
	by PROTOS SIP Test Suite"
	
	 http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml
	
	SIP  is  the  Internet  Engineering  Task  Force  (IETF)  standard   for
	multimedia   conferencing   over   IP.   SIP    is    an    ASCII-based,
	application-layer control protocol (defined in RFCs 2543 and 3261)  that
	can be used to establish, maintain, and terminate calls between  two  or
	more endpoints.
	The  vulnerabilities   identified   can   be   easily   and   repeatedly
	demonstrated with the use of the OUSPG  "PROTOS"  Test  Suite  for  SIP.
	This suite is designed to test the design limits of  the  implementation
	of the SIP protocol, specifically the SIP INVITE messages that are  used
	in the initial call setup between two SIP endpoints.
SOLUTION
	For detailed solutions and workaround, check :
	
	 http://www.cisco.com/warp/public/707/cisco-sa-20030221-protos.shtml