Michael Thumann has revealed a buffer overflaw in the SIP Foundry’s sipXtapi code (used among others in AOL Triton). The flaw occurs when parsing the CSeq field and permits executing arbitrary code. You can read the report at Neohapsis Archives.