Lucene search

[email protected]CVE-2008-3210

HistoryJul 18, 2008 - 3:13 p.m.

CVE-2008-3210

2008-07-1815:13:00

CWE-20

[email protected]

web.nvd.nist.gov

cve-2008-3210

resiprocate

dns

denial of service

sip

security advisory

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.099 Low

EPSS

Percentile

94.9%

JSON

rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.

Affected configurations

NVD

Node

resiprocateresiprocateMatch1.3.2

CPENameOperatorVersion
resiprocate:resiprocateresiprocateeq1.3.2

CPE	Name	Operator	Version
resiprocate:resiprocate	resiprocate	eq	1.3.2

References

labs.mudynamics.com/advisories/MU-200807-01.txt

secunia.com/advisories/31058

securityreason.com/securityalert/4013

www.resiprocate.org/ReSIProcate_1.3.3_Release

www.securityfocus.com/bid/30194

exchange.xforce.ibmcloud.com/vulnerabilities/43770

www.exploit-db.com/exploits/6046

6.7 Medium

AI Score

Confidence

High

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.099 Low

EPSS

Percentile

94.9%

JSON

Related for CVE-2008-3210

prion1 nvd1 cvelist1