Buffer Overflow in MultiTech VoIP Implementations

2005.12.06
Credit: Ejovi Nuwere
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-Other


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

SecurityLab Technologies, Inc. --- www.securitylab.net --- Security Advisory Advisory Name: Buffer Overflow in MultiTech VoIP Implementations Release Date: December 05, 2005 Application: MultiVoIP Gateway Platform: Multiple Severity: Moderate Author: Ejovi Nuwere <SLAB_research[AT]securitylab.net> Vendor Status: Patched in Version x.08 Reference: http://www.securitylab.net/research/ Overview: The MultiVOIP voice over IP gateway provides toll-free voice and fax communications over the Internet or Intranet. Occasionally MultiTech develops and licenses their VoIP Gateways and VoIP related stacks for inclusion in third party platforms. Therefore, this bug may affect products outside of the MultiTech line. SecurityLab technologies has discovered a remote buffer overflow in MultiTech's MultiVOIP product line that may lead to remote code execution. Details: The buffer overflow occurs in the SIP packet INVITE field with a string greater than 60 characters. Testing was performed on an embedded device with limited debug environment. Source code was not avaible for further analysys. Vendor Response: Patched. Version x.08 Recommendation: Contact vendor for current release. Site of the day: InfoSecDaily http://www.infosecdaily.net security news for security professionals Copyright 2005 SecurityLab Technologies, Inc. You may distribute freely without modification.


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top