Lucene search
K

10 matches found

Tenable Nessus
Tenable Nessus
added 2024/07/05 12:0 a.m.39 views

GLSA-202407-10 : Sofia-SIP: Multiple Vulnerabilities

The remote host is affected by the vulnerability described in GLSA-202407-10 Sofia-SIP: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Sofia-SIP. Please review the CVE identifiers referenced below for details. Tenable has extracted the preceding description block direct...

9.8CVSS8.1AI score0.0238EPSS
Exploits1References4
Debian
Debian
added 2023/05/24 10:39 a.m.67 views

[SECURITY] [DSA 5410-1] sofia-sip

------------------------------------------------------------------------- Debian Security Advisory DSA-5410-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff May 24, 2023 https://www.debian.org/security/faq -...

9.8CVSS7.1AI score0.0366EPSS
Exploits5
Tenable Nessus
Tenable Nessus
added 2023/05/24 12:0 a.m.28 views

Debian DSA-5410-1 : sofia-sip - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5410 advisory. - Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to...

9.8CVSS8.2AI score0.0366EPSS
Exploits5References13
OpenVAS
OpenVAS
added 2023/03/28 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2023-0040)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.0238EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.21 views

Ubuntu: Security Advisory (USN-5932-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.7AI score0.0366EPSS
Exploits5References2
Ubuntu
Ubuntu
added 2023/03/07 2:34 p.m.76 views

USN-5932-1: Sofia-SIP vulnerabilities

It was discovered that Sofia-SIP incorrectly handled specially crafted SDP packets. A remote attacker could use this issue to cause applications using Sofia-SIP to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LT...

9.8CVSS7.8AI score0.0366EPSS
Exploits5
Mageia
Mageia
added 2023/02/07 12:6 a.m.58 views

Updated sofia-sip packages fix security vulnerability

Missing message length and attributes length checks when it handles STUN packets, leading to controllable heap-over-flow CVE-2023-22741...

9.8CVSS9.1AI score0.0238EPSS
Exploits1References2
Debian
Debian
added 2023/01/29 9:5 p.m.44 views

[SECURITY] [DLA 3292-1] sofia-sip security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3292-1 [email protected] https://www.debian.org/lts/security/ Adrian Bunk [email protected] January 29, 2023 https://wiki.debian.org/LTS -...

9.8CVSS9.6AI score0.0238EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2023/01/19 9:20 p.m.4 views

CVE-2023-22741 heap-over-flow in stun_parse_attribute in sofia-sip

Sofia-SIP is an open-source SIP User-Agent library, compliant with the IETF RFC3261 specification. In affected versions Sofia-SIP lacks both message length and attributes length checks when it handles STUN packets, leading to controllable heap-over-flow. For example, in stunparseattribute, after ...

9.8CVSS10AI score0.0238EPSS
Exploits1References3
CVE
CVE
added 2023/01/19 9:20 p.m.121 views

CVE-2023-22741

Summary: CVE-2023-22741 affects Sofia-SIP’s handling of STUN packets, where the code does not validate message length and attribute length, enabling controllable heap overflow. This could allow remote code execution via heap grooming or related exploitation techniques. The issue originates from S...

9.8CVSS9.7AI score0.0238EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder