29 matches found
EUVD-2007-3423
Malware in sbrugna...
EUVD-2014-0689
Malware in sbrugna...
EUVD-2016-2499
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2021-33056
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Belledonne Belle-sip before 4.5.20, as used in Linphone and other products, can crash via an invalid From header in a SIP message. CVE-2021-33056 Note that Ness...
DEBIAN-CVE-2024-3120
A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sip_validate_packet and sip_parse_extra_headers functions within src/sip.c. This...
Cisco 9900 Series IP Phone Crafted Header Unregister (CVE-2014-0658)
Cisco 9900 Unified IP phones allow remote attackers to cause a denial of service (unregistration) via a crafted SIP header, aka Bug ID CSCul24898. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information.
ALPINE-CVE-2023-37457
Asterisk is an open source private branch exchange and telephony toolkit. In Asterisk versions 18.20.0 and prior, 20.5.0 and prior, and 21.0.0; as well as certified-asterisk 18.9-cert5 and prior, the 'update' functionality of the PJSIP_HEADER dialplan function can exceed the available buffer space...
CVE-2023-29088
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP...
SAMSUNG Exynos Buffer Error Vulnerability
SAMSUNG Exynos is an Arm architecture-based SoC processor developed and manufactured by Samsung Mobile of the South Korean company SAMSUNG. SAMSUNG Exynos suffers from a buffer error vulnerability that stems from insufficient parameter validation during decoding of the SIP Min-SE header, resulting in...
SUSE CVE-2007-4924
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an...
UBUNTU-CVE-2018-14767
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function. This could result in denial of service and potentially...
Buffer overflow
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq, ttl, port, etc.) all had the potential to overflow, either causing unintended values to be captured or, if the values were subsequently converted bac...
PT-2017-14609
Name of the Vulnerable Software and Affected Versions: PJSIP versions prior to 2.7.1. Description: An issue was discovered in the parsing of numeric header fields in a SIP message, such as cseq, ttl, and port. This could lead to a buffer overflow, causing unintended values to be captured or a buffer...
CVE-2016-9938
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...
UBUNTU-CVE-2016-9938
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...
CVE-2016-9938
An issue was discovered in Asterisk Open Source 11.x before 11.25.1, 13.x before 13.13.1, and 14.x before 14.2.1 and Certified Asterisk 11.x before 11.6-cert16 and 13.x before 13.8-cert4. The chan_sip channel driver has a liberal definition for whitespace when attempting to strip the content betwe...
Design/Logic Flaw
Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258...
CVE-2016-1400
Cisco TelePresence Video Communications Server (VCS) X8.x before X8.7.2 allows remote attackers to cause a denial of service (service disruption) via a crafted URI in a SIP header, aka Bug ID CSCuy43258...
Cisco Video Communication Server Session Initiation Protocol Packet Processing Denial of Service Vulnerability
A vulnerability in the Session Initiation Protocol (SIP) implementation of the Cisco Video Communications Server (VCS) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a malformed SIP header message. An attacker could exploit this...
CounterPath eyeBeam 1.1 build 3010n SIP Header Data Remote Buffer Overflow Vulnerability (1)
No description provided by source. Source: http://www.securityfocus.com/bid/16253/info. A remote buffer-overflow vulnerability affects CounterPath eyeBeam because the application fails to properly validate the length of user-supplied strings prior to copying them into static process buffers. An...