Ingate Firewall and SIParator before 4.5.2 allow remote attackers to bypass SIP authentication via a certain maddr parameter. The vendor has addressed this issue through the release of a product upgrade: http://www.ingate.com/upgrades.php