The vulnerability of the Sofia-SIP user agent library (session initiation protocol) lies in its ability to write data beyond the buffer in memory, allowing a hacker to execute arbitrary code.

The vulnerability of the Sofia-SIP user agent library session initiation protocol relates to the possibility of writing beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specially crafted STUN packets remotely...

ALPINE-CVE-2022-31001

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by define MATCHs, m strncmps, m, n = sizeofm - 1 == 0, which will make n...

UBUNTU-CVE-2022-31001

Sofia-SIP is an open-source Session Initiation Protocol SIP User-Agent library. Prior to version 1.13.8, an attacker can send a message with evil sdp to FreeSWITCH, which may cause crash. This type of crash may be caused by define MATCHs, m strncmps, m, n = sizeofm - 1 == 0, which will make n...

FreeSWITCH 1.10.6 SIP Flooding Denial Of Service

FreeSWITCH susceptible to Denial of Service via SIP flooding - Fixed versions: v1.10.7 - Enable Security Advisory: https://github.com/EnableSecurity/advisories/tree/master/ES2021-06-freeswitch-flood-dos - Vendor Security Advisory:...