9 matches found
USN-6022-1: Kamailio vulnerabilities
It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. CVE-2018-16657 It was discovered...
USN-6022-1 kamailio vulnerabilities
It was discovered that Kamailio did not properly sanitize SIP messages under certain circumstances. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM and 18.04 ESM. CVE-2018-16657 It was discovered...
Debian DSA-4292-1 : kamailio - security update
Henning Westerholt discovered a flaw related to the Via header processing in kamailio, a very fast, dynamic and configurable SIP server. An unauthenticated attacker can take advantage of this flaw to mount a denial of service attack via a specially crafted SIP message with an invalid Via header. ...
[SECURITY] [DSA 4292-1] kamailio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4292-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 11, 2018 https://www.debian.org/security/faq -...
[SECURITY] [DSA 4292-1] kamailio security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4292-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso September 11, 2018 https://www.debian.org/security/faq -...
CVE-2018-16657
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcittstringarray core function for calculating a CRC hash for To tags. An additional error is present ...
CVE-2018-16657
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcittstringarray core function for calculating a CRC hash for To tags. An additional error is present ...
CVE-2018-16657
CVE-2018-16657 affects Kamailio SIP server (pre-5.0.7 and pre-5.1.x before 5.1.4). A crafted SIP message with an invalid Via header triggers a segmentation fault due to missing input validation in crcitt_string_array (CRC hash for To tags) and an additional issue in check_via_address, leading to ...
Kamailio < 5.0.7 & 5.1.x < 5.1.4 Multiple DoS Vulnerabilities
Kamailio is prone to multiple denial of service vulnerabilities which may result in a crash of the system. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...