An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remote attacker could potentially use this flaw to crash the sipdump process by generating specially crafted SIP traffic.
References
Link | Resource |
---|---|
http://openwall.com/lists/oss-security/2017/07/26/1 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100023 | Broken Link Third Party Advisory VDB Entry |
http://openwall.com/lists/oss-security/2017/07/26/1 | Exploit Mailing List Third Party Advisory |
http://www.securityfocus.com/bid/100023 | Broken Link Third Party Advisory VDB Entry |
Configurations
History
21 Nov 2024, 03:08
Type | Values Removed | Values Added |
---|---|---|
References | () http://openwall.com/lists/oss-security/2017/07/26/1 - Exploit, Mailing List, Third Party Advisory | |
References | () http://www.securityfocus.com/bid/100023 - Broken Link, Third Party Advisory, VDB Entry |
Information
Published : 2017-07-26 14:29
Updated : 2024-11-21 03:08
NVD link : CVE-2017-11654
Mitre link : CVE-2017-11654
CVE.ORG link : CVE-2017-11654
JSON object : View
Products Affected
sipcrack_project
- sipcrack