CVE-2020-28361

Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the removehf function in the Kamailio textops module. Particular use of removehf in...

Design/Logic Flaw

Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the removehf function in the Kamailio textops module. Particular use of removehf in...

CVE-2020-28361

Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the removehf function in the Kamailio textops module. Particular use of removehf in...

CVE-2020-28361

Kamailio (used in SER/Sippy Softswitch) up to version before 5.4.0 is affected by a header-smuggling bypass in the remove_hf function of the Kamailio textops module. The vulnerability can be exploited by a skilled attacker with valid credentials to bypass header-removal protections and disrupt in...

CVE-2020-28361

Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the removehf function in the Kamailio textops module. Particular use of removehf in...

CVE-2020-28361

Kamailio before 5.4.0, as used in Sip Express Router SER in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the removehf function in the Kamailio textops module. Particular use of removehf in...

PT-2020-16995 · Sippy +3 · Sippy Softswitch +3

Name of the Vulnerable Software and Affected Versions: Kamailio versions prior to 5.4.0 Sippy Softswitch versions 4.5 through 5.2 Description: The issue allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove hf function in the Kamailio textop...

New Linux Malware Steals Call Details from VoIP Softswitch Systems

Cybersecurity researchers have discovered an entirely new kind of Linux malware dubbed "CDRThief" that targets voice over IP VoIP softswitches in an attempt to steal phone call metadata. "The primary goal of the malware is to exfiltrate various private data from a compromised softswitch, includin...

Linknat VOS SoftSwitch Detection (HTTP)

HTTP based detection of Linknat VOS SoftSwitch. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...

Cisco PGW Softswitch产品SIP和MGCP报文处理拒绝服务漏洞

BUGTRAQ ID: 40117,40120,40121,40122,40123,40124,40125,40126,40128 CVECAN ID: CVE-2010-0601,CVE-2010-0602,CVE-2010-0603,CVE-2010-0604,CVE-2010-1561,CVE-2010-1562,CVE-2010-1563,CVE-2010-1567,CVE-2010-1565 PGW 2200是运营商级的软件交换机，可在NGN和IMS基础架构中用于执行呼叫控制。 PGW...

CVE-2010-0602

The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S11 allows remote attackers to cause a denial of service device crash via a malformed packet, aka Bug ID CSCsk32606...

CVE-2010-0603

The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via a malformed session attribute, aka Bug ID CSCsk40030...

CVE-2010-0604

Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165...

CVE-2010-1561

The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S11 and 9.73P before 9.73P11 allows remote attackers to cause a denial of service device crash via a long message, aka Bug ID CSCsk44115...

CVE-2010-1563

The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S9 and 9.73P before 9.73P9 allows remote attackers to cause a denial of service device crash via a malformed header, aka Bug ID CSCsk04588...

Code injection

Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165...

Code injection

The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.81S5 allows remote attackers to cause a denial of service device crash via a malformed header, aka Bug ID CSCsz13590...

Code injection

The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.73S before 9.73S11 and 9.73P before 9.73P11 allows remote attackers to cause a denial of service device crash via a long message, aka Bug ID CSCsk44115...

CVE-2010-0601

The MGCP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S11 allows remote attackers to cause a denial of service device crash via a malformed packet, aka Bug ID CSCsl39126...

CVE-2010-0603

The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.73S10 allows remote attackers to cause a denial of service device crash via a malformed session attribute, aka Bug ID CSCsk40030...