[Full-disclosure] [vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

2006-07-25T00:00:00
ID SECURITYVULNS:DOC:13626
Type securityvulns
Reporter Securityvulns
Modified 2006-07-25T00:00:00

Description

[vuln.sg] Vulnerability Research Advisory

AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

by Tan Chew Keong Release Date: 2006-07-25

Summary

A vulnerability has been found in AGEphone. When exploited, the vulnerability allows execution of arbitrary code with privileges of the AGEphone user via a single specially-crafted UDP SIP packet.

Tested Versions

AGEphone for Windows version 1.24 and 1.38.1

Details

http://vuln.sg/agephone1381-en.html


Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/