icon

We found results for “

CVE-2023-27598

Date: March 15, 2023

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.7 and 3.2.4, sending a malformed "Via" header to OpenSIPS triggers a segmentation fault when the function "calc_tag_suffix" is called. A specially crafted "Via" header, which is deemed correct by the parser, will pass uninitialized strings to the function "MD5StringArray" which leads to the crash. Abuse of this vulnerability leads to Denial of Service due to a crash. Since the uninitialized string points to memory location "0x0", no further exploitation appears to be possible. No special network privileges are required to perform this attack, as long as the OpenSIPS configuration makes use of functions such as "sl_send_reply" or "sl_gen_totag" that trigger the vulnerable code. This issue has been fixed in versions 3.1.7 and 3.2.4.

Language: C

Severity Score

Severity Score

Weakness Type (CWE)

Use of Uninitialized Resource

CWE-908

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality (C): NONE
Integrity (I): NONE
Availability (A): HIGH

Do you need more information?

Contact Us