AOL AIM SIPFoundry sipXtapi RTCP Processing Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of AOL AIM. Successful exploitation requires the victim to accept a Video Messaging session with the attacker. The specific flaw exists in the SIP protocol implementation library, sipXtapi.dll. If a...

trionPWN.pl.txt

greetz... !/usr/bin/perl p0c Tested on Windows XP SP2 with triton 1.0.4 c0rrupt -at- f34r -dot- us This exploits the sipxtapi vuln in triton which was patched.. sometime ago.. The exploit sends a specially crafted udp packet to the triton client which leads to command execution through a buffer...

AIM Triton 1.0.4 (SipXtapi) Remote Buffer Overflow Exploit (PoC)

Exploit for unknown platform in category remote exploits ================================================================ AIM Triton 1.0.4 SipXtapi Remote Buffer Overflow Exploit PoC ================================================================ !/usr/bin/perl p0c Tested on Windows XP SP2 with...

AIM Triton 1.0.4 - SipXtapi Remote Buffer Overflow

AIM Triton 1.0.4 - SipXtapi Remote Buffer Overflow !/usr/bin/perl p0c Tested on Windows XP SP2 with triton 1.0.4 c0rrupt -at- f34r -dot- us This exploits the sipxtapi vuln in triton which was patched.. sometime ago.. The exploit sends a specially crafted udp packet to the triton client which lead...

sipXtapi.txt

!/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone 2.6.0.27 read the code for ret address\n\n"; if not...

AIM Triton 1.0.4 - 'SipXtapi' Remote Buffer Overflow

!/usr/bin/perl p0c Tested on Windows XP SP2 with triton 1.0.4 c0rrupt -at- f34r -dot- us This exploits the sipxtapi vuln in triton which was patched.. sometime ago.. The exploit sends a specially crafted udp packet to the triton client which leads to command execution through a buffer overflow. T...

SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit

Exploit for unknown platform in category remote exploits ========================================================= SIPfoundry sipXtapi CSeq Remote Buffer Overflow Exploit ========================================================= !/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09...

SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow

!/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone 2.6.0.27 read the code for ret address\n\n"; if not...

SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit

No description provided by source. !/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone 2.6.0.27 read the...

SIPfoundry sipXtapi - CSeq Remote Buffer Overflow

SIPfoundry sipXtapi - CSeq Remote Buffer Overflow !/usr/bin/perl Remote Buffer Overflow in sipXtapi bad char 0x00 0x09 0x0a 0x0d 0x20 use IO::Socket; use strict; print "\n\n"; print "sipXtapi original Exploit by Michael Thumann added a real shellcode by acaro\n\n"; print "tested on sipXphone...

CVE-2006-3524

Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message...

CVE-2006-3524

Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message...

CVE-2006-3524

Buffer overflow in SIPfoundry sipXtapi released before 20060324 allows remote attackers to execute arbitrary code via a long CSeq field value in an INVITE message...

CVE-2006-3524

CVE-2006-3524 is a buffer overflow in SIPfoundry SIPXtapi, with public exploits targeting SIP-related components (sipXezPhone 0.35a, sipXphone 2.6.0.27) via an overly long CSeq value in SIP INVITE/CSeq processing. The vulnerability allows remote code execution and has in-the-wild Metasploit/Explo...

ERNW-02-2006.txt

ERNW Security Advisory 02-2006 Buffer Overflow in SIP Foundry's SipXtapi Author: Michael Thumann Homepage: www.ernw.de 1. Summary: The sipXtapi library from sip foundry contains a buffer overflow when parsing the CSeq field. This flaw can be used by an attacker to gain control over EIP and execut...

SIPfoundry sipXtapi - 'CSeq' Remote Buffer Overflow (PoC)

!/usr/bin/perl PoC Exploit By [email protected] Remote Buffer Overflow in sipXtapi use IO::Socket; use strict; print "sipXtapi Exploit by Michael Thumann \n\n"; if not $ARGV0 print "Usage: sipx.pl \n"; exit; $target=$ARGV0; my $source ="127.0.0.1"; my $targetport = 5060; my $user ="bad"; my...

[Full-disclosure] ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton)

ERNW Security Advisory 02-2006 Buffer Overflow in SIP Foundry's SipXtapi Author: Michael Thumann mthumannaternw.de Homepage: www.ernw.de 1. Summary: The sipXtapi library from sip foundry contains a buffer overflow when parsing the CSeq field. This flaw can be used by an attacker to gain control...

SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit PoC

Exploit for hardware platform in category dos / poc ============================================================= SIPfoundry sipXtapi CSeq Remote Buffer Overflow Exploit PoC ============================================================= !/usr/bin/perl PoC Exploit By email protected Remote Buffer...

SipXtapi SIP library buffer overflow

Buffer overflow on CSeq field parsing...

SIPfoundry sipXtapi (CSeq) Remote Buffer Overflow Exploit PoC

No description provided by source. !/usr/bin/perl PoC Exploit By [email protected] Remote Buffer Overflow in sipXtapi use IO::Socket; use strict; print "sipXtapi Exploit by Michael Thumann \n\n"; if not $ARGV0 print "Usage: sipx.pl host\n"; exit; $target=$ARGV0; my $source ="127.0.0.1"; my...