reSIProcate

Mailing Lists

Source Code

Google Search:

< Previous by Date	Date Index	Next by Date >
	Thread Index	Next in Thread >

[reSIProcate] [CVE-2018-12584] Heap overflow vulnerability in resiprocate through 1.10.2

From: Joachim De Zutter <dezutterjoachim@xxxxxxxxx>
Date: Mon, 20 Aug 2018 11:27:06 +0300

A heap overflow vulnerability which might lead to a DoS or remote code execution in client and server software using the reSIProcate sip stack has been found. (CVE-2018-12584)

Full advisory: http://joachimdezutter.webredirect.org/advisory.html

The issue has been fixed since this commit:

https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608

Please update your software if you haven't done so already.

Follow-Ups:
- Re: [reSIProcate] [CVE-2018-12584] Heap overflow vulnerability in resiprocate through 1.10.2
  - From: Diego Carvalho Domingos

Prev by Date: Re: [reSIProcate] DNS over TLS
Next by Date: [reSIProcate] [CVE-2018-12584] Heap overflow vulnerability in resiprocate through 1.10.2
Previous by thread: Re: [reSIProcate] DNS over TLS
Next by thread: Re: [reSIProcate] [CVE-2018-12584] Heap overflow vulnerability in resiprocate through 1.10.2
Index(es):
- Date
- Thread