osip -- Improper Restriction of Operations within the Bounds of a Memory Buffer

2017-04-13T00:00:00
ID 15A62F22-098A-443B-94E2-2D26C375B993
Type freebsd
Reporter FreeBSD
Modified 2017-04-13T00:00:00

Description

osip developers reports:

In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message can lead to a heap buffer overflow in the msg_osip_body_parse() function defined in osipparser2/osip_message_parse.c, resulting in a remote DoS.