Lucene search
+L

98 matches found

ubuntucve
ubuntucve
added 2024/04/10 12:15 a.m.340 views

CVE-2024-3119

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sipgetcallid and sipgetxcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the dat...

9.8CVSS7.5AI score0.018EPSS
Exploits0References4
osv
osv
added 2024/04/10 12:15 a.m.3 views

UBUNTU-CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

9.8CVSS6.2AI score0.01838EPSS
Exploits0References5
vulnrichment
vulnrichment
added 2024/04/09 11:55 p.m.15 views

CVE-2024-3120 Stack-Buffer Overflow in 'Content-Length' and 'Warning' Header Processing in sngrep

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

9CVSS8.1AI score0.01838EPSS
Exploits0References3
cve
cve
added 2024/04/09 11:55 p.m.93 views

CVE-2024-3120

CVE-2024-3120 affects all versions of sngrep since v1.4.1. A stack-buffer overflow arises from inadequate bounds checking when copying the SIP headers ‘Content-Length’ and ‘Warning’ into fixed-size buffers in src/sip.c (sip_validate_packet and sip_parse_extra_headers). This allows remote attacker...

9.8CVSS9.4AI score0.01838EPSS
Exploits0References3Affected Software1
osv
osv
added 2024/04/09 11:55 p.m.6 views

CVE-2024-3120 Stack-Buffer Overflow in 'Content-Length' and 'Warning' Header Processing in sngrep

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

9CVSS7.6AI score0.01838EPSS
Exploits0References5
debiancve
debiancve
added 2024/04/09 11:55 p.m.20 views

CVE-2024-3120

A stack-buffer overflow vulnerability exists in all versions of sngrep since v1.4.1. The flaw is due to inadequate bounds checking when copying 'Content-Length' and 'Warning' headers into fixed-size buffers in the sipvalidatepacket and sipparseextraheaders functions within src/sip.c. This...

9.8CVSS8.5AI score0.01838EPSS
Exploits0
vulnrichment
vulnrichment
added 2024/04/09 11:55 p.m.23 views

CVE-2024-3119 Stack-Buffer Overflow in 'Call-ID' and 'X-Call-ID' SIP Header Processing in sngrep

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sipgetcallid and sipgetxcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the dat...

9CVSS8.2AI score0.018EPSS
Exploits0References3
debiancve
debiancve
added 2024/04/09 11:55 p.m.25 views

CVE-2024-3119

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sipgetcallid and sipgetxcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the dat...

9.8CVSS8.7AI score0.018EPSS
Exploits0
cve
cve
added 2024/04/09 11:55 p.m.83 views

CVE-2024-3119

CVE-2024-3119 affects sngrep; all versions since v0.4.2 vulnerable due to improper handling of SIP headers. The functions sip_get_callid and sip_get_xcallid copy header data into fixed-size buffers with strncpy without validating length, enabling remote attackers to trigger arbitrary code executi...

9.8CVSS9.3AI score0.018EPSS
Exploits0References3Affected Software1
cvelist
cvelist
added 2024/04/09 11:55 p.m.22 views

CVE-2024-3119 Stack-Buffer Overflow in 'Call-ID' and 'X-Call-ID' SIP Header Processing in sngrep

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sipgetcallid and sipgetxcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the dat...

9CVSS9.6AI score0.018EPSS
Exploits0References3
osv
osv
added 2024/04/09 11:55 p.m.6 views

CVE-2024-3119 Stack-Buffer Overflow in 'Call-ID' and 'X-Call-ID' SIP Header Processing in sngrep

A buffer overflow vulnerability exists in all versions of sngrep since v0.4.2, due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sipgetcallid and sipgetxcallid in sip.c use the strncpy function to copy header contents into fixed-size buffers without checking the dat...

9CVSS7.8AI score0.018EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/04/09 12:0 a.m.6 views

Irontec Sngrep 安全漏洞

Irontec Sngrep is a tool from Irontec for displaying SIP call message streams from endpoints. A security vulnerability exists in Irontec Sngrep versions v1.4.1 through v1.8.1, which stems from copying Content-Length and Warning headers into the sipvalidatepacket and sipparseextraheaders functions...

9.8CVSS9.2AI score0.01838EPSS
Exploits0References5
cnnvd
cnnvd
added 2024/04/09 12:0 a.m.6 views

Irontec Sngrep 缓冲区错误漏洞

Irontec Sngrep is a tool from Irontec for displaying SIP call message streams from endpoints. A security vulnerability exists in Irontec Sngrep versions v0.4.2 through v1.8.1, which stems from the functions sipgetcallid and sipgetxcallid in sip.c using the strncpy function to copy the contents of...

9.8CVSS9.3AI score0.018EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2024/04/09 12:0 a.m.3 views

PT-2024-23843

Name of the Vulnerable Software and Affected Versions sngrep versions 1.4.1 and later Description A stack-buffer overflow issue exists due to inadequate bounds checking when copying Content-Length and Warning headers into fixed-size buffers in the sip validate packet and sip parse extra headers...

9.8CVSS8.2AI score0.01838EPSS
Exploits0References19
ptsecurity
ptsecurity
added 2024/04/09 12:0 a.m.5 views

PT-2024-23832 · Sngrep +2 · Sngrep +2

Name of the Vulnerable Software and Affected Versions: sngrep versions 0.4.2 and later Description: A buffer overflow vulnerability exists due to improper handling of 'Call-ID' and 'X-Call-ID' SIP headers. The functions sip get callid and sip get xcallid in sip.c use the strncpy function to copy...

9.8CVSS9.7AI score0.01838EPSS
Exploits0References23
veracode
veracode
added 2023/08/06 5:47 a.m.22 views

Stack-Based Buffer Overflow

sngrep is vulnerable to Stack-Based Buffer Overflow. The vulnerability exists in the packetsetpayload function of /src/packet.c where a stack-based buffer overflow could be triggered by a local attacker...

7.8CVSS7AI score0.00308EPSS
Exploits1References2Affected Software1
veracode
veracode
added 2023/08/06 5:47 a.m.21 views

Heap-Based Buffer Overflow

sngrep is vulnerable to Heap-Based Buffer Overflow. The vulnerability exists in the capturepacketreasmip function of /src/capture.c where a stack-based buffer overflow could be triggered by a local attacker...

7.8CVSS7AI score0.00309EPSS
Exploits1References2Affected Software1
veracode
veracode
added 2023/07/23 7:21 p.m.18 views

Out-of-Bounds Write

sngrep is vulnerable to Out-of-Bounds Write. The vulnerability is found in capturewscheckpacket within /src/capture.c which allows a local attacker to cause a heap-based buffer overflow...

7.8CVSS6.6AI score0.00308EPSS
Exploits1References2Affected Software1
susecve
susecve
added 2023/06/24 1:47 a.m.2 views

SUSE CVE-2023-36192

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capturewscheckpacket at /src/capture.c...

7.8CVSS7.8AI score0.00308EPSS
Exploits1References3
nvd
nvd
added 2023/06/23 2:15 a.m.22 views

CVE-2023-36192

Sngrep v1.6.0 was discovered to contain a heap buffer overflow via the function capturewscheckpacket at /src/capture.c...

7.8CVSS7.9AI score0.00308EPSS
Exploits1References1
Rows per page
Query Builder