3 matches found
CVE-2023-28099
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...
CVE-2023-28099
OpenSIPS is a Session Initiation Protocol SIP server implementation. Prior to versions 3.1.9 and 3.2.6, if dsisinlist is used with an invalid IP address string NULL is illegal input, OpenSIPS will attempt to print a string from a random address stack garbage, which could lead to a crash. All user...
CVE-2023-28099
OpenSIPS contains a vulnerability in ds_is_in_list() when given an invalid IP string (NULL). Prior to versions 3.1.9 and 3.2.6, this can cause a crash by printing from a random stack address. The issue affects users of ds_is_in_list() where the first parameter is not the $si value. Remediation is...