38 matches found
EUVD-2006-0744
Malware in sbrugna...
EUVD-2006-0745
Malware in sbrugna...
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit
No description provided by source. / eStara Softphone buffer overflow exploit tested on : eStara Softphone 3.0.1.14 |||||| eStara Softphone 3.0.1.46 Vender website : http://www.estara.com/softphone/softph.exe Run this application, then use nc to send builded packet : nc -u 127.0.0.1 5060...
CounterPath eyeBeam 1.1 build 3010n SIP Header Data Remote Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/16253/info A remote buffer-overflow vulnerability affects CounterPath eyeBeam because the application fails to properly validate the length of user-supplied strings prior to copying them into static process buffers. An...
eStara SoftPhone 3.0.1 SIP Packet Multiple Malformed Field DoS
No description provided by source. source: http://www.securityfocus.com/bid/16629/info eStara Smartphone is prone to multiple denial-of-service vulnerabilities when processing malformed VOIP headers. Successful exploitation will cause the device to crash. For the negative 'Expires' field issue:...
eStara SoftPhone 3.0.1 - SIP SDP Message Handling Format String DoS
No description provided by source. source: http://www.securityfocus.com/bid/16629/info eStara Smartphone is prone to multiple denial-of-service vulnerabilities when processing malformed VOIP headers. Successful exploitation will cause the device to crash. INVITE sip:[email protected] SIP/2.0 Via:...
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit
No description provided by source. / eStara Softphone buffer overflow exploit tested on : eStara Softphone 3.0.1.14 |||||| eStara Softphone 3.0.1.46 Vender website : http://www.estara.com/softphone/softph.exe Run this application, then use nc to send builded packet : nc -u 127.0.0.1 5060...
eStara SoftPhone SIP Packet SDP Data attribute Field Overflow
The version of SoftPhone installed on the remote host reportedly fails to properly handle SIP packets with long 'a=' lines in the SDP data. An unauthenticated, remote attacker may be able to exploit this flaw to overflow a buffer and execute arbitrary code on the remote host. C Tenable Network...
eStara SoftPhone Detection
The remote host is running eStara SoftPhone, a commercial SIP software client for Windows. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid20957; scriptversion"1.14"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"eStara SoftPhone Detection";...
Cross site request forgery (csrf)
eStara SIP softphone allows remote attackers to cause a denial of service crash via an INVITE request with a Content-Length field that has more than 9 digits...
Design/Logic Flaw
eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...
CVE-2006-0739
eStara SIP softphone allows remote attackers to cause a denial of service crash via an INVITE request with a Content-Length field that has more than 9 digits...
CVE-2006-0737
eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...
CVE-2006-0738
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
Format string
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0737
The CVE describes a vulnerability in the eStara SIP softphone where remote attackers can crash the client by sending a SIP OPTIONS request with a negative Expires field. The issue is triggered by handling of invalid Expires values in SIP OPTIONS, leading to a denial of service. The available refe...
CVE-2006-0739
eStara SIP softphone allows remote attackers to cause a denial of service crash via an INVITE request with a Content-Length field that has more than 9 digits...
CVE-2006-0738
CVE-2006-0738 concerns the eStara SIP softphone. The vulnerability arises from multiple format string vulnerabilities in how the SDP session description is processed during SIP INVITE handling, allowing remote attackers to cause a denial of service (hang). Affected component details state that fo...
CVE-2006-0737
eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...
CVE-2006-0739
The CVE-2006-0739 entry refers to the eStara SIP softphone as the affected product. The vulnerability allows a remote attacker to cause a denial of service (crash) by sending an INVITE request where the Content-Length field contains more than 9 digits. No exploit details or remediation are provid...