CVE-2003-0761
published 2003-09-17CVE-2003-0761: Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15…
PriorityP430high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
3.90%
88.9th percentile
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | asterisk | < asterisk 0.5.0 (bullseye) | asterisk 0.5.0 (bullseye) |
| digium | asterisk | — | — |
| digium | asterisk | >= 0 < 0.5.0 | 0.5.0 |
CVSS provenance
nvdv2.07.5HIGHAV:N/AC:L/Au:N/C:P/I:P/A:P
osv7.5HIGH
vendor_debian7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-92v8-64cc-mmr5: Buffer overflow in the get_msg_text of chan_sip
ghsa_unreviewed·2022-04-29
CVE-2003-0761 [HIGH] GHSA-92v8-64cc-mmr5: Buffer overflow in the get_msg_text of chan_sip
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.
OSV
CVE-2003-0761: Buffer overflow in the get_msg_text of chan_sip
osv·2003-09-17·CVSS 7.5
CVE-2003-0761 [HIGH] CVE-2003-0761: Buffer overflow in the get_msg_text of chan_sip
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.
Debian
CVE-2003-0761: asterisk - Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Prot...
vendor_debian·2003·CVSS 7.5
CVE-2003-0761 [HIGH] CVE-2003-0761: asterisk - Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Prot...
Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests.
Scope: local
bullseye: resolved (fixed in 0.5.0)
sid: resolved (fixed in 0.5.0)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2003-09-17
Published