Condorlab

Libosip2 – Buffer Overflow


Advisory IDRSN-SIP-1563


Vulnerability Information
In libosip2 in GNU oSIP 4.1.0 and 5.0.0, a malformed SIP message canlead to a heap buffer overflow in the msg_osip_body_parse() functiondefined in osipparser2/osip_message_parse.c, resulting in a remoteDoS.


Release Date
2017-04-13 00:00:00


Solutions
RedShift Networks UCTM solution provides the industry’s first complete security solution developed for securing VOIP networks, endpoints and applications. Its dedicated CONDOR labs research team constantly scouts for new attack patterns, advanced penetration testing methods, vulnerabilities identification and roll out of new signatures to subscribed customers on a constant basis. For more information, visit www.redshiftnetworks.com


External Resources
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-7853
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7853