Computer Security
[EN] no-pyccku

Yate VoIP server DoS
SecurityVulns ID:7654
Threat Level:
Description:NULL pointer dereference on absent "purpose" parameter of SIP "Call-Info" header.
Affected:YATE : Yate 1.1
CVE:CVE-2007-1693 (The SIP channel module in Yet Another Telephony Engine (Yate) before 1.2.0 sets the caller_info_uri parameter using a incorrect variable that can be NULL, which allows remote attackers to cause a denial of service (NULL dereference and application crash) via a Call-Info header without a purpose parameter.)
Original documentdocumentno-reply_(at), Radware Security Advisory - Yate 1.1.0 Denial of Service Vulnerability (02.05.2007)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod