
We found results for “”
CVE-2023-27598
Date: March 15, 2023
OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed "Via" header to OpenSIPS triggers a segmentation fault when the function "calc_tag_suffix" is called. A specially crafted "Via" header, which is deemed correct by the parser, will pass uninitialized strings to the function "MD5StringArray" which leads to the crash. Abuse of this vulnerability leads to Denial of Service due to a crash. Since the uninitialized string points to memory location "0x0", no further exploitation appears to be possible. No special network privileges are required to perform this attack, as long as the OpenSIPS configuration makes use of functions such as "sl_send_reply" or "sl_gen_totag" that trigger the vulnerable code. This issue has been fixed in versions 3.1.7 and 3.2.4.
Language: C
Severity Score
Related Resources (5)
Severity Score
Weakness Type (CWE)
Use of Uninitialized Resource
CWE-908CVSS v3.1
Base Score: |
|
---|---|
Attack Vector (AV): | NETWORK |
Attack Complexity (AC): | LOW |
Privileges Required (PR): | NONE |
User Interaction (UI): | NONE |
Scope (S): | UNCHANGED |
Confidentiality (C): | NONE |
Integrity (I): | NONE |
Availability (A): | HIGH |