libosip2 NULL Pointer Dereference Denial of Service Vulnerability
BID:58324
Info
libosip2 NULL Pointer Dereference Denial of Service Vulnerability
| Bugtraq ID: | 58324 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 05 2013 12:00AM |
| Updated: | Mar 05 2013 12:00AM |
| Credit: | tytusromekiatomek |
| Vulnerable: |
SIP Witch SIP Witch 0.7.4 Aymeric MOIZARD libosip2 4.0 |
| Not Vulnerable: | |
Discussion
libosip2 NULL Pointer Dereference Denial of Service Vulnerability
libosip2 is prone to a denial-of-service vulnerability due to NULL-pointer dereference error.
Attackers can exploit this issue to cause a denial-of-service condition.
libosip2 is prone to a denial-of-service vulnerability due to NULL-pointer dereference error.
Attackers can exploit this issue to cause a denial-of-service condition.
Exploit / POC
libosip2 NULL Pointer Dereference Denial of Service Vulnerability
The researcher who discovered this issue has created a exploit. Please see the references for more information.
The researcher who discovered this issue has created a exploit. Please see the references for more information.
Solution / Fix
libosip2 NULL Pointer Dereference Denial of Service Vulnerability
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
Solution:
Currently, we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
libosip2 NULL Pointer Dereference Denial of Service Vulnerability
References:
References:
- [Linphone-developers] Segfault (possible DOS vulnerability) in SIP PDU p (Lucian Petrica)
- GNU SIP Witch HomePage (dyfet at gnu dot org)
- SIP Witch 0.7.4 w/libosip2-4.0.0 DoS via NULL pointer derefence in libosip2 (Fulldisclosure)
- The GNU oSIP library HomePage (osip)