4 matches found
Linux Distros Unpatched Vulnerability : CVE-2020-28361
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection...
mod_wsgi: Trusted Proxy Headers Removing Bypass
A vulnerability was found in modwsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing...
UBUNTU-CVE-2020-28361
Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the removehf function in the Kamailio textops module. Particular use of removehf in...
Fhg Fokus Kamailio Environmental Issues Vulnerabilities
Fhg Fokus Kamailio is an open source Sip server from the Fhg Fokus Institute in Germany. The server mainly supports IP telephony services. A security vulnerability exists in Kamailio versions prior to 5.4.0, which stems from a vulnerability that allows bypassing the header removal protection...