Lucene search
K

54 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:21 a.m.3 views

SUSE CVE-2003-1303

Buffer overflow in the imapfetchoverview function in the IMAP functionality phpimap.c in PHP before 4.3.3 allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long e-mail address in a 1 To or 2 From header...

5CVSS8.3AI score0.11904EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2023/02/15 6:12 a.m.4 views

SUSE CVE-2007-1718

CRLF injection vulnerability in the mail function in PHP 4.0.0 through 4.4.6 and 5.0.0 through 5.2.1 allows remote attackers to inject arbitrary e-mail headers and possibly conduct spam attacks via a control character immediately following folding of the 1 Subject or 2 To parameter, as demonstrat...

7.8CVSS7.7AI score0.06689EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2018/08/09 12:0 a.m.29 views

Debian DSA-4267-1 : kamailio - security update

Henning Westerholt discovered a flaw related to the To header processing in kamailio, a very fast, dynamic and configurable SIP server. Missing input validation in the buildresbuffromsipreq function could result in denial of service and potentially the execution of arbitrary code. C Tenable Netwo...

9.8CVSS8.5AI score0.29303EPSS
Exploits1References4
OSV
OSV
added 2018/07/31 6:29 a.m.4 views

ALPINE-CVE-2018-14767

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "buildresbuffromsipreq" core function. This could result in denial of service and potentially...

9.8CVSS6.9AI score0.29303EPSS
Exploits1References1
OSV
OSV
added 2018/07/31 6:29 a.m.1 views

DEBIAN-CVE-2018-14767

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "buildresbuffromsipreq" core function. This could result in denial of service and potentially...

9.8CVSS8.8AI score0.29303EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2018/07/31 12:0 a.m.5 views

PT-2018-12707 · Kamailio +2 · Kamailio +2

Name of the Vulnerable Software and Affected Versions: Kamailio versions prior to 5.0.7 Kamailio versions 5.1.x prior to 5.1.4 Description: A crafted SIP message with a double "To" header and an empty "To" tag can cause a segmentation fault and crash due to missing input validation in the build r...

10CVSS9.6AI score0.30518EPSS
Exploits6References29
OSV
OSV
added 2017/09/02 4:29 p.m.2 views

DEBIAN-CVE-2017-14098

In the pjsip channel driver respjsip in Asterisk 13.x before 13.17.1 and 14.x before 14.6.1, a carefully crafted tel URI in a From, To, or Contact header could cause Asterisk to crash...

7.5CVSS6.8AI score0.50053EPSS
Exploits0References1
CNVD
CNVD
added 2017/09/01 12:0 a.m.6 views

Digium Asterisk Denial of Service Vulnerability (CNVD-2017-30817)

Digium Asterisk is a set of open source telephone exchange PBX system software from Digium, USA. The software supports voicemail , multi-party voice conferencing , interactive voice response IVR , etc. pjsip channel driver respjsip is one of the pjsip driver . A security vulnerability exists in t...

7.5CVSS7.3AI score0.50053EPSS
Exploits0References1
FreeBSD
FreeBSD
added 2017/08/31 12:0 a.m.22 views

asterisk -- Remote Crash Vulerability in res_pjsip

The Asterisk project reports: A carefully crafted URI in a From, To or Contact header could cause Asterisk to crash...

7.5CVSS7.5AI score0.50053EPSS
Exploits0References1
exploitpack
exploitpack
added 2012/02/02 12:0 a.m.15 views

OfficeSIP Server 3.1 - Denial of Service

OfficeSIP Server 3.1 - Denial of Service Title : OfficeSIP Server Denial Of Service Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.officesip.com Advisory : http://secpod.org/blog/?p=461...

7.3AI score
Exploits0
CVE
CVE
added 2010/09/23 6:0 p.m.61 views

CVE-2010-2835

CVE-2010-2835 affects Cisco IOS Software (12.2–12.4, 15.0–15.1), Cisco IOS-XE 2.5.x/2.6.x before 2.6.1, and CUCM 6.x/7.x/8.x. The flaw resides in SIP processing where a crafted SIP REFER with an invalid Refer-To header can trigger a DoS, causing device reloads or voice-services outages. Fixed ver...

7.8CVSS6.6AI score0.01785EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2009/11/10 6:30 p.m.6 views

DEBIAN-CVE-2009-3727

Asterisk Open Source 1.2.x before 1.2.35, 1.4.x before 1.4.26.3, 1.6.0.x before 1.6.0.17, and 1.6.1.x before 1.6.1.9; Business Edition A.x.x, B.x.x before B.2.5.12, C.2.x.x before C.2.4.5, and C.3.x.x before C.3.2.2; AsteriskNOW 1.5; and s800i 1.3.x before 1.3.0.5 generate different error message...

5CVSS6.6AI score0.04201EPSS
Exploits0References1
securityvulns
securityvulns
added 2007/08/27 12:0 a.m.31 views

[Full-disclosure] DOS vulnerability on Thomson SIP phone ST 2030 using the TO Header

MADYNES Security Advisory : Remote DOS on Thomson SIP phone ST 2030 Date of Discovery 15 February, 2007 Vendor was notified on 1 March 2007 ID: KIPH9 Synopsis After sending a message where the TO URI field is crafted, the device looks functional but in fact does not respond to any event provoking...

0.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2006/04/25 2:33 p.m.6 views

security flaw

Buffer overflow in the imapfetchoverview function in the IMAP functionality phpimap.c in PHP before 4.3.3 allows remote attackers to cause a denial of service segmentation fault and possibly execute arbitrary code via a long e-mail address in a 1 To or 2 From header...

5CVSS6.3AI score0.11904EPSS
Exploits1References4
Rows per page
Query Builder