AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

2006.08.10

Credit: Tan Chew Keong

Risk: High

Local: No

Remote: Yes

CVE: CVE-2006-4029

CWE: CWE-Other

Ogólna skala CVSS: 7.5/10

Znaczenie: 6.4/10

Łatwość wykorzystania: 10/10

Wymagany dostęp: Zdalny

Złożoność ataku: Niska

Autoryzacja: Nie wymagana

Wpływ na poufność: Częściowy

Wpływ na integralność: Częściowy

Wpływ na dostępność: Częściowy

AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

by Tan Chew Keong

Release Date: 2006-07-25

Summary

-------

A vulnerability has been found in AGEphone. When exploited, the vulnerability allows execution of arbitrary code with privileges of the AGEphone user via a single specially-crafted UDP SIP packet.

Tested Versions

---------------

AGEphone for Windows version 1.24 and 1.38.1

Details

-------

http://vuln.sg/agephone1381-en.html

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.