In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function. This could result in denial of service and potentially the execution of arbitrary code.
References
Link | Resource |
---|---|
https://lists.debian.org/debian-lts-announce/2018/08/msg00018.html | Mailing List Third Party Advisory |
https://skalatan.de/blog/advisory-hw-2018-05 | Exploit Patch Third Party Advisory |
https://www.debian.org/security/2018/dsa-4267 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-07-31T06:00:00
Updated: 2018-08-20T09:57:02
Reserved: 2018-07-31T00:00:00
Link: CVE-2018-14767
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-07-31T06:29:00.227
Modified: 2018-10-04T21:29:51.427
Link: CVE-2018-14767
JSON object: View
Redhat Information
No data.
CWE