MultiTech MultiVOIP INVITE远程缓冲区溢出漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1197043 漏洞类型 缓冲区溢出
发布时间 2005-12-07 更新时间 2005-12-07
CVE编号 CVE-2005-4050 CNNVD-ID CNNVD-200512-127
漏洞平台 N/A CVSS评分 7.5
|漏洞来源
https://cxsecurity.com/issue/WLB-2005120012
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200512-127
|漏洞详情
MultiVOIPIP语音网关可通过Internet或Intranet提供免费的语音和传真通讯。MultiVOIP产品在处理SIP报文时存在远程缓冲区溢出漏洞,远程攻击者可能利用此漏洞执行任意指令。如果SIP报文的INVITE字段字符串大于60个字符的话,就可以触发这个漏洞,导致拒绝服务或远程执行任意代码。
|漏洞EXP
			SecurityLab Technologies, Inc.
			--- www.securitylab.net ---

Security Advisory
 Advisory Name: Buffer Overflow in MultiTech VoIP Implementations
  Release Date: December 05, 2005
   Application: MultiVoIP Gateway
	Platform: Multiple
	Severity: Moderate
	  Author: Ejovi Nuwere <SLAB_research[AT]securitylab.net>
 Vendor Status: Patched in Version x.08
     Reference: http://www.securitylab.net/research/

Overview:
The MultiVOIP voice over IP gateway provides toll-free voice and fax
communications over the Internet or Intranet. Occasionally MultiTech
develops and licenses their VoIP Gateways and VoIP related stacks for
inclusion in third party platforms. Therefore, this bug may affect
products outside of the MultiTech line.

SecurityLab technologies has discovered a remote buffer overflow in
MultiTech's MultiVOIP product line that may lead to remote code 
execution.

Details:
The buffer overflow occurs in the SIP packet INVITE field with a
string greater than 60 characters. Testing was performed on an
embedded device with limited debug environment. Source code was not
avaible for further analysys.

Vendor Response:
Patched. Version x.08

Recommendation:
Contact vendor for current release.

Site of the day:
InfoSecDaily http://www.infosecdaily.net
security news for security professionals

Copyright 2005 SecurityLab Technologies, Inc. You may distribute freely
without modification.
|参考资料

来源:XF
名称:multivoip-sip-invite-bo(23416)
链接:http://xforce.iss.net/xforce/xfdb/23416
来源:MISC
链接:http://www.securitylab.net/research/2005/12/buffer_overflow_in_multitech_v.html
来源:BUGTRAQ
名称:20051205BufferOverflowinMultiTechVoIPImplementations
链接:http://www.securityfocus.com/archive/1/archive/1/418653/100/0/threaded
来源:BID
名称:15711
链接:http://www.securityfocus.com/bid/15711
来源:VUPEN
名称:ADV-2005-2781
链接:http://www.frsirt.com/english/advisories/2005/2781
来源:SECTRACK
名称:1015314
链接:http://securitytracker.com/id?1015314
来源:SREASON
名称:231
链接:http://securityreason.com/securityalert/231
来源:SECUNIA
名称:17852
链接:http://secunia.com/advisories/17852