38 matches found
EUVD-2006-0744
Malware in sbrugna...
EUVD-2006-0745
Malware in sbrugna...
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit
No description provided by source. / eStara Softphone buffer overflow exploit tested on : eStara Softphone 3.0.1.14 |||||| eStara Softphone 3.0.1.46 Vender website : http://www.estara.com/softphone/softph.exe Run this application, then use nc to send builded packet : nc -u 127.0.0.1 5060...
eStara SoftPhone 3.0.1 - SIP SDP Message Handling Format String DoS
No description provided by source. source: http://www.securityfocus.com/bid/16629/info eStara Smartphone is prone to multiple denial-of-service vulnerabilities when processing malformed VOIP headers. Successful exploitation will cause the device to crash. INVITE sip:[email protected] SIP/2.0 Via:...
eStara SoftPhone 3.0.1 SIP Packet Multiple Malformed Field DoS
No description provided by source. source: http://www.securityfocus.com/bid/16629/info eStara Smartphone is prone to multiple denial-of-service vulnerabilities when processing malformed VOIP headers. Successful exploitation will cause the device to crash. For the negative 'Expires' field issue:...
CounterPath eyeBeam 1.1 build 3010n SIP Header Data Remote Buffer Overflow Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/16253/info A remote buffer-overflow vulnerability affects CounterPath eyeBeam because the application fails to properly validate the length of user-supplied strings prior to copying them into static process buffers. An...
eStara Softphone <= 3.0.1.46 (SIP) Remote Buffer Overflow Exploit
No description provided by source. / eStara Softphone buffer overflow exploit tested on : eStara Softphone 3.0.1.14 |||||| eStara Softphone 3.0.1.46 Vender website : http://www.estara.com/softphone/softph.exe Run this application, then use nc to send builded packet : nc -u 127.0.0.1 5060...
eStara SoftPhone Detection
The remote host is running eStara SoftPhone, a commercial SIP software client for Windows. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid20957; scriptversion"1.14"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"eStara SoftPhone Detection";...
eStara SoftPhone SIP Packet SDP Data attribute Field Overflow
The version of SoftPhone installed on the remote host reportedly fails to properly handle SIP packets with long 'a=' lines in the SDP data. An unauthenticated, remote attacker may be able to exploit this flaw to overflow a buffer and execute arbitrary code on the remote host. C Tenable Network...
Format string
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0738
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0737
eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...
Cross site request forgery (csrf)
eStara SIP softphone allows remote attackers to cause a denial of service crash via an INVITE request with a Content-Length field that has more than 9 digits...
CVE-2006-0739
eStara SIP softphone allows remote attackers to cause a denial of service crash via an INVITE request with a Content-Length field that has more than 9 digits...
Design/Logic Flaw
eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...
CVE-2006-0739
eStara SIP softphone allows remote attackers to cause a denial of service crash via an INVITE request with a Content-Length field that has more than 9 digits...
CVE-2006-0737
eStara SIP softphone allows remote attackers to cause a denial of service crash via a SIP OPTIONS request with a negative Expires field...
CVE-2006-0738
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service hang via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using 1 the field name, 2 the o field owner/creator and session identifier,...
CVE-2006-0739
The CVE-2006-0739 entry refers to the eStara SIP softphone as the affected product. The vulnerability allows a remote attacker to cause a denial of service (crash) by sending an INVITE request where the Content-Length field contains more than 9 digits. No exploit details or remediation are provid...
CVE-2006-0738
CVE-2006-0738 concerns the eStara SIP softphone. The vulnerability arises from multiple format string vulnerabilities in how the SDP session description is processed during SIP INVITE handling, allowing remote attackers to cause a denial of service (hang). Affected component details state that fo...