[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Multiple DoS vulnerabilities in libosip2-4.1.0
Antisip's libosip2 v4.1.0 is vulnerable to heap buffer overflows in the following functions while parsing SIP messages and leads to a DoS if glibc hardening is enabled.
All files for reproducing the issues have been filed in the bug tracker  and have since been fixed in upcoming osip version 5.0.0 . I wonder if the report is sufficient to mandate CVEs. Feedback welcome.