CVE-2008-3210 : Détail

CVE-2008-3210

A03-Injection
9.67%V4
Network
2008-07-18
13h00 +00:00
2017-09-28
10h57 +00:00
CVE.org
NVD
Notifications pour un CVE
Restez informé de toutes modifications pour un CVE spécifique.
Gestion des notifications

Descriptions du CVE

rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.

Informations du CVE

Faiblesses connexes

CWE-ID Nom de la faiblesse Source
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Métriques

Métriques Score Gravité CVSS Vecteur Source
V2 5 AV:N/AC:L/Au:N/C:N/I:N/A:P nvd@nist.gov

EPSS

EPSS est un modèle de notation qui prédit la probabilité qu'une vulnérabilité soit exploitée.

Score EPSS

Le modèle EPSS produit un score de probabilité compris entre 0 et 1 (0 et 100 %). Plus la note est élevée, plus la probabilité qu'une vulnérabilité soit exploitée est grande.

Percentile EPSS

Le percentile est utilisé pour classer les CVE en fonction de leur score EPSS. Par exemple, une CVE dans le 95e percentile selon son score EPSS est plus susceptible d'être exploitée que 95 % des autres CVE. Ainsi, le percentile sert à comparer le score EPSS d'une CVE par rapport à d'autres CVE.
EPSS First.org

Informations sur l'Exploit

Exploit Database EDB-ID : 6046

Date de publication : 2008-07-11 22h00 +00:00
Auteur : Mu Security
EDB Vérifié : Yes

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Remote DoS in reSIProcate [MU-200807-01] July 10, 2008 http://labs.mudynamics.com/advisories.html Affected Products/Versions: * repro SIP proxy/registrar 1.3.2 http://www.resiprocate.org/ReSIProcate_1.3.2_Release * Any product using the reSIProcate SIP stack 1.3.2 may also be vulnerable. Product Overview: http://www.resiprocate.org/ reSIProcate is a SIP stack. SIP is a protocol used for voice-over-IP telephony. repro is a SIP proxy/registrar that uses the reSIProcate SIP stack. Vulnerability Details: A malformed INVITE or OPTIONS message to the repro SIP proxy/registrar can crash the process. The crash is caused by an assertion failure that occurs when the domain name in the request line URI is too long (rutil/dns/DnsStub.cxx, line 493). For example, the URI may be "sip:bob@example.comAAAAAAA...", where "sip:bob@example.com" is followed by 256 As. To cause the crash, the address in the To header must be a valid target address. Example invalid packet: OPTIONS sip:bob@example.comAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA SIP/2.0 Via: SIP/2.0/UDP 127.0.0.1:54422;branch=z9hG4bKZqPsHMEiem;rport To: "Bob" <sip:bob@example.com> From: "Alice" <sip:alice@example.com>;tag=W4eHvLYEQX Call-ID: nO1DpTVfo4@mudynamics.com CSeq: 1 OPTIONS Contact: <sip:alice@127.0.0.1:54422> Max-Forwards: 70 Content-Length: 0 Vendor Response / Solution: Update to 1.3.3, available from https://www.resiprocate.org/files/pub/reSIProcate/releases/ This bug was also fixed by the reSIProcate development team in SVN on April 23 (revision 7628). History: July 1, 2008 - First contact with vendor July 1, 2008 - Vendor acknowledges vulnerability July 3, 2008 - Vendor releases 1.3.3 July 10, 2008 - Advisory released Mu-4000 vector: *.request-line.line.dsv.uri.body.string.append-overflow Credit: This vulnerability was discovered by the Mu Dynamics research team. http://labs.mudynamics.com/pgpkey.txt Mu Dynamics offers a new class of security analysis system, delivering a rigorous and streamlined methodology for verifying the robustness and security readiness of any IP-based product or application. Founded by the pioneers of intrusion detection and prevention technology, Mu Dynamics is backed by preeminent venture capital firms that include Accel Partners, Benchmark Capital and DAG Ventures. The company is headquartered in Sunnyvale, CA. For more information, visit the company's website at http://www.mudynamics.com. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (Darwin) iD8DBQFIdqOZQLdDlEyOXHQRAvt+AJsHGgqEVoiQi0Nb7ND9CR7HteZJpgCeMgKv 5lqpYSLdj7WBeXoD4l95+WA= =KUQC -----END PGP SIGNATURE----- # milw0rm.com [2008-07-12]

Products Mentioned

Configuraton 0

Resiprocate>>Resiprocate >> Version 1.3.2

Références

https://www.exploit-db.com/exploits/6046
Tags : exploit, x_refsource_EXPLOIT-DB
http://secunia.com/advisories/31058
Tags : third-party-advisory, x_refsource_SECUNIA
http://securityreason.com/securityalert/4013
Tags : third-party-advisory, x_refsource_SREASON
http://www.securityfocus.com/bid/30194
Tags : vdb-entry, x_refsource_BID
Les informations affichées sur CVE Find proviennent de plusieurs sources de référence rigoureusement sélectionnées. Les données CVE sont fournies par MITRE Corporation et la National Vulnerability Database (NVD). Le catalogue des vulnérabilités activement exploitées (KEV) provient de la Cybersecurity and Infrastructure Security Agency (CISA), tandis que les scores EPSS sont issus de FIRST.org. Enfin, les données relatives aux faiblesses logicielles (CWE) et aux schémas d'attaque courants (CAPEC) sont maintenues par MITRE Corporation, et les informations sur les configurations logicielles et matérielles (CPE) proviennent du NVD.