SID 1:11984

Report a false positive

Rule Category

PROTOCOL-VOIP -- Snort has detected traffic that may indicate the presence of the VOIP protocol or vulnerabilities in the VOIP protocol on the network.

Alert Message

PROTOCOL-VOIP Time header contains long value

Rule Explanation

This event is generated when an attempt is made to send a malformed communication to a Voice over Internet Protocol (VoIP) device. Impact: Unknown. Details: This event indicates that "SDP Oversized Time Value" has occurred. Some events may indicate that a VoIP device is in use on the protected network. This may be a policy violation. Ease of Attack: Simple.

What To Look For

No information provided

Known Usage

No public information

False Positives

No known false positives

Contributors

Cisco Talos

Rule Groups

No rule groups

CVE

None

Additional Links

www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/
www.ietf.org/rfc/rfc4566.txt

Rule Vulnerability

No information provided

CVE Additional Information

This product uses data from the NVD API but is not endorsed or certified by the NVD.

None