Linux Distros Unpatched Vulnerability : CVE-2017-11521

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx in reSIProcate 1.10.2 allows remote attackers to cause a denial of service memor...

[SECURITY] Fedora 40 Update: libre-3.10.0-1.fc40

Libre is a generic library for real-time communications with async I/O support. Features are a SIP stack RFC 3261, SDP, RTP and RTCP, SRTP and SRTCP Secure RTP, DNS client, STUN/TURN/ICE stack, BFCP, HTTP stack with client/server, Websockets, Jitter buffer, async I/O poll, epoll, select, kqueue,...

drachtio-server 安全漏洞

drachtio-server is a drachtio open source SIP server built on the sofia SIP stack. A security vulnerability exists in drachtio-server prior to version 0.8.20, which stems from a vulnerability that could allow a remote attacker to cause a denial of service daemon crash via a crafted UDP message,...

drachtio-server memory mis-reference vulnerability

drachtio-server is a SIP server built on the sofia SIP stack by drachtio open source. drachtio drachtio-server version 0.8.18 is vulnerable to a memory misquoting vulnerability that stems from the request-handler.cpp component receiving requests when the event The cb instruction responsible for...

drachtio-server information disclosure vulnerability

drachtio-server is a drachtio open source SIP server built on the sofia SIP stack. drachtio drachtio-server version 0.8.18 has an information disclosure vulnerability that stems from the fact that local users can retrieve sensitive data and attackers can use the vulnerability to obtain sensitive...

reSIProcate 1.10.2 - Heap Overflow

''' CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on website: 2018-06-22 Advisory sent to...

reSIProcate 1.10.2 - Heap Overflow

reSIProcate 1.10.2 - Heap Overflow ''' CVE ID: CVE-2018-12584 TIMELINE Bug report with test code sent to main reSIProcate developers: 2018-06-15 Patch created by Scott Godin: 2018-06-18 CVE ID assigned: 2018-06-19 Patch committed to reSIProcate repository: 2018-06-21 Advisory first published on...

asterisk -- Long Contact URIs in REGISTER requests can crash Asterisk

The Asterisk project reports: Asterisk may crash when processing an incoming REGISTER request if that REGISTER contains a Contact header with a lengthy URI. This crash will only happen for requests that pass authentication. Unauthenticated REGISTER requests will not result in a crash occurring...

reSIProcate 1.3.2 Remote Denial of Service PoC

No description provided by source. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008 http://labs.mudynamics.com/advisories.html Affected Products/Versions: repro SIP proxy/registrar 1.3.2 http://www.resiprocate.org/ReSIProcate1.3.2Release Any produ...

reSIProcate 1.3.2 Remote Denial of Service PoC

Exploit for multiple platform in category dos / poc ============================================== reSIProcate 1.3.2 Remote Denial of Service PoC ============================================== -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate MU-200807-01 July 10, 2008...

nokia-dos.txt

Nokia N95 cellphone remote DoS using the SIP Stack Severity: High – Denial of Service Hardware: Nokia N95 Firmware: Tested version: Nokia RM-159 V 12.0.013 Notification: Vulnerability found: 11 September 2007 Contact Nokia Support: 12 September 2007 / None reply Contact Nokia Security Support: 19...

[Full-disclosure] Nokia N95 cellphone remote DoS using the SIP Stack

Nokia N95 cellphone remote DoS using the SIP Stack Severity: High – Denial of Service Hardware: Nokia N95 Firmware: Tested version: Nokia RM-159 V 12.0.013 Notification: Vulnerability found: 11 September 2007 Contact Nokia Support: 12 September 2007 / None reply Contact Nokia Security Support: 19...

Two new DoS Vulnerabilities in Asterisk Fixed

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Digium have released fixes for two new DoS vulnerabilities in Asterisk today. Excerpt from 1.2.17: Along with minor bug fixes, this release incorporates a fix for the SIP DoS vulnerability recently discovered by INRIA Lorraine:...

eStara Softphone SIP stack Buffer Overflow Vulnerability

eStara Softphone is a SIP softphone. There exists a buffer overflow venerability in the SIP stack when a SIP packet with SDP data, and the data length of the attribute filed "a" large than 4021 bytes. By exploiting this buffer overflow, an attacker can potentially gain control of the return addre...