Exploit Report

Exploit Report

Computer Security And Bug Information

CVE-2023-27597

Last Updated: March 21, 2023
CVECVE-2023-27597
CVE Title
Published Date2023-03-15T21:15Z
Modified Date2023-03-21T19:14Z
CWE TypeNVD-CWE-noinfo
CVSS 3.xCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
DescriptionOpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function `setport`. This issue has been fixed in version 3.1.8 and 3.2.5.
References
By clicking these links you will leave this website. We do not endorse and will not be held accountable for any activity on external sites.
Reference URLhttps://github.com/OpenSIPS/opensips/commit/b2dffe4b5cd81182c9c8eabb6c96aac96c7acfe3
Reference DescriptionMISC https://github.com/OpenSIPS/opensips/commit/b2dffe4b5cd81182c9c8eabb6c96aac96c7acfe3
Reference URLhttps://github.com/OpenSIPS/opensips/security/advisories/GHSA-358f-935m-7p9c
Reference DescriptionMISC https://github.com/OpenSIPS/opensips/security/advisories/GHSA-358f-935m-7p9c
TagsPatch Third Party Advisory
Sources NIST MITRE

This site's data is aggregated programmatically and provided "as is" without any representations or warranties, express or implied. Exploit.report is not affiliated with the The MITRE Corporation, U.S. Department of Homeland Security (DHS), Cybersecurity and Infrastructure Security Agency (CISA), or US government in any way. CVE and the CVE logo are registered trademarks of The MITRE Corporation

© 2022 Exploit.Report | Data | Contact | Privacy Policy | Articles