PRION:CVE-2023-27599
History: Mar 15, 2023 - 9:15 p.m.

Design/Logic Flaw

2023-03-15 21:15:00
PRIOn knowledge base (www.prio-n.com)
Tags: opensips, sip server, logic flaw, denial of service, vulnerability, fix

EPSS: 0.001 (Low)
Percentile: 34.0%

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, when the function append_hf handles a SIP message with a malformed To header, a call to the function abort() is performed, resulting in a crash. This is due to the following check in data_lump.c:399 in the function anchor_lump. An attacker abusing this vulnerability will crash OpenSIPS leading to Denial of Service. It affects configurations containing functions that make use of the affected code, such as the function append_hf. This issue has been fixed in versions 3.1.7 and 3.2.4.

CPE
Name        Operator    Version
opensips    lt          3.1.7
opensips    ge          3.2.0
opensips    lt          3.2.4
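
A deployment check built from the affected versions and the append_hf condition stated above, as an added example that is not code from PRIOn or the OpenSIPS project. The function names, the sample config and the config syntax handled (double-quoted strings, '#' and /* */ comments) are assumptions of this example.

```python
import re

# Affected ranges as stated on this page: < 3.1.7, and 3.2.0 <= v < 3.2.4.
AFFECTED = [((0, 0, 0), (3, 1, 7)), ((3, 2, 0), (3, 2, 4))]

# Assumed cfg syntax: double-quoted strings, '#' line comments, /* */ blocks.
INACTIVE = re.compile(r'"(?:\\.|[^"\\])*"?|#[^\n]*|/\*.*?(?:\*/|\Z)', re.S)

# Constructed sample config, not taken from any real deployment.
SAMPLE_CFG = '''
route {
    # append_hf("X-Old: 1\\r\\n");
    /* append_hf("X-Off: 1\\r\\n"); */
    xlog("calling append_hf(...)\\n");
    append_hf("X-Trace: on\\r\\n");
}
'''

def parse_version(text):
    """First x.y.z in text as an int tuple, or None."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    return tuple(map(int, m.groups())) if m else None

def version_affected(version):
    return any(lo <= version < hi for lo, hi in AFFECTED)

def active_code(cfg):
    """Drop comments and string contents, keeping newlines for line numbers."""
    return INACTIVE.sub(lambda m: "\n" * m.group().count("\n"), cfg)

def append_hf_lines(cfg):
    """1-based line numbers of append_hf() calls in active code."""
    code = active_code(cfg)
    return [code.count("\n", 0, m.start()) + 1
            for m in re.finditer(r"\bappend_hf\s*\(", code)]

def exposed(version_text, cfg):
    """True when the version is in an affected range and append_hf is called."""
    version = parse_version(version_text)
    return bool(version and version_affected(version) and append_hf_lines(cfg))

if __name__ == "__main__":
    print(exposed("opensips 3.2.3", SAMPLE_CFG), append_hf_lines(SAMPLE_CFG))
```

The check only looks for append_hf; the description names it as one example of the functions that use the affected code, so a negative result on an affected version does not rule out exposure.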
