CVE-2008-2085

Multiple stack-based buffer overflows in the (1) get_remote_ip_media and (2) get_remote_ipv6_media functions in call.cpp in SIPp 3.1 allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted SIP message.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:N/C:P/I:P/A:P
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 87%
VendorProductVersion
icewalkerssipp
3.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
sip-tester
bookworm
1:3.6.1-1
fixed
bullseye
1:3.6.1-1
fixed
etch
no-dsa
sid
1:3.7.3-2
fixed
trixie
1:3.7.3-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
sip-tester
oneiric
not-affected
natty
not-affected
maverick
not-affected
lucid
not-affected
karmic
not-affected
jaunty
not-affected
intrepid
not-affected
hardy
ignored
gutsy
ignored
feisty
ignored
dapper
ignored
Common Weakness Enumeration
References
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479039
http://secunia.com/advisories/30095
http://secunia.com/advisories/30993
http://www.securityfocus.com/bid/29064
http://www.vupen.com/english/advisories/2008/1447/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42234
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00311.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00318.html
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479039
http://secunia.com/advisories/30095
http://secunia.com/advisories/30993
http://www.securityfocus.com/bid/29064
http://www.vupen.com/english/advisories/2008/1447/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/42234
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00311.html
https://www.redhat.com/archives/fedora-package-announce/2008-July/msg00318.html