2 matches found
CVE-2023-28097
OpenSIPS (SIP server) is vulnerable prior to versions 3.1.9 and 3.2.6 due to a parsing flaw in Content-Length that can trigger a segmentation fault when processing a malformed SIP request with a very large Content-Length value, especially when a large shared memory segment (e.g., 2362 or more) is...
CVE-2023-28097 OpenSIPS has vulnerability in the Content-Length Parser
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, a malformed SIP message containing a large Content-Length value and a specially crafted Request-URI causes a segmentation fault in OpenSIPS. This issue occurs when a large amount of shared memo...