Lucene search

MitreCVE-2008-2085

HistoryMay 12, 2008 - 4:20 p.m.

CVE-2008-2085

2008-05-1216:20:00

CWE-119

mitre

web.nvd.nist.gov

cve-2008-2085

stack-based buffer overflows

sipp

denial of service

application crash

arbitrary code execution

nvd

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.061

Percentile

93.6%

JSON

Multiple stack-based buffer overflows in the (1) get_remote_ip_media and (2) get_remote_ipv6_media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted SIP message.

Affected configurations

Nvd

Node

icewalkerssippMatch3.1

VendorProductVersionCPE
icewalkerssipp3.1cpe:2.3:a:icewalkers:sipp:3.1:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
icewalkers	sipp	3.1	cpe:2.3:a:icewalkers:sipp:3.1:::::::*

References

bugs.debian.org/cgi-bin/bugreport.cgi?bug=479039

secunia.com/advisories/30095

secunia.com/advisories/30993

www.securityfocus.com/bid/29064

www.vupen.com/english/advisories/2008/1447/references

exchange.xforce.ibmcloud.com/vulnerabilities/42234

www.redhat.com/archives/fedora-package-announce/2008-July/msg00311.html

www.redhat.com/archives/fedora-package-announce/2008-July/msg00318.html

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

7.5

Confidence

Low

EPSS

0.061

Percentile

93.6%

JSON

Related for CVE-2008-2085