Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2007-2293 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Asterisk
6 documents, 5 sources
Severity
7.6 HIGH (NVD)
EPSS
49.6%
top 2.19%
CISA KEV
Not in KEV
Exploit
PoC available
Affected products
Timeline
Published: Apr 26
Latest update: May 1
Description
Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c of the SIP channel T.38 SDP parser in Asterisk before 1.4.3 allow remote attackers to execute arbitrary code via a long (1) T38FaxRateManagement or (2) T38FaxUdpEC SDP parameter in an SIP message, as demonstrated using SIP INVITE.
CVSS vector
AV:N/AC:H/C:C/I:C/A:C
Exploitability: 4.9 | Impact: 10.0
Affected Packages: 3 packages
Patches
Vulnerability Details: 2
Exploits & PoCs: 2
Vendor Advisories: 1
Debian
CVE-2007-2293: asterisk - Multiple stack-based buffer overflows in the process_sdp function in chan_sip.c ... (2007)