SIPcrack 0.2 Out-of-Bounds Read and Write Vulnerability

SIPcrack 0.2 Out-of-Bounds Read and Write Vulnerability

CVE-2017-11654 · MEDIUM Severity

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

An out-of-bounds read and write flaw was found in the way SIPcrack 0.2 processed SIP traffic, because 0x00 termination of a payload array was mishandled. A remote attacker could potentially use this flaw to crash the sipdump process by generating specially crafted SIP traffic.

Learn more about our Web Application Penetration Testing UK.