CVE-2008-3210

Sažetak

rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.

Reference

http://labs.mudynamics.com/advisories/MU-200807-01.txt
http://secunia.com/advisories/31058
http://securityreason.com/securityalert/4013
http://www.resiprocate.org/ReSIProcate_1.3.3_Release
http://www.securityfocus.com/bid/30194
https://exchange.xforce.ibmcloud.com/vulnerabilities/43770
https://www.exploit-db.com/exploits/6046

CVSS

Base:	5.0
Impact:	2.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	PARTIAL

CVSS vektor

AV:N/AC:L/Au:N/C:N/I:N/A:P

Zadnje važnije ažuriranje

29-09-2017 - 01:31

Objavljeno

18-07-2008 - 15:13