Because telephony is usually a critical application, this damage causes significant disruption to the users and poses tremendous acceptance problems with VoIP.
[5] The vulnerability allows the attacker to crash the server causing remote Denial of Service (DoS) by sending a single malformed packet.
An impersonator can, using a malformed packet, overflow the specific string buffers, add a large number of token characters, and modify fields in an illegal fashion.
As a result, a server is tricked into an undefined state, which can lead to call processing delays, unauthorized access, and a complete denial of service.
Because SIP allows the usage of UDP packets, it is easy for an attacker to spoof any source address in the internet and send the INVITE of death from untraceable locations.