Published: 13/01/2006 Updated: 19/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Buffer overflow in eStara Softphone 3.0.1.14 up to and including 3.0.1.46 allows remote malicious users to execute arbitrary code via a long attribute (aka "a") field in the SDP data of a SIP packet on UDP port 5060.

Vulnerable Product	Search on Vulmon	Subscribe to Product
estara softphone 3.0.1.46
estara softphone 3.0.1.14

#!/usr/bin/perl -s # damn-hippiepl by kokanin (google estara, it shows sip stuff and a hippie) # Remote "estara softphone" exploit, executable version info = 3012 # kokanin did the research, metasploitcom did the encoded bindshell on tcp/5060 # Lets face it, most users wont know the difference between tcp and udp even if # if it bites them in ...

/*************************************** eStara Softphone buffer overflow exploit tested on : eStara Softphone 30114 |||||| eStara Softphone 30146 Vender website : wwwestaracom/softphone/softphexe Run this application, then use nc to send builded packet : nc -u 127001 5060 <sip_overflow_exploitdat It will display a "hack ...

NVD-CWE-Other http://www.securityfocus.com/bid/16213 http://securitytracker.com/id?1015481 http://secunia.com/advisories/18410 http://www.osvdb.org/22348 http://www.vupen.com/english/advisories/2006/0167 https://exchange.xforce.ibmcloud.com/vulnerabilities/24090 http://www.securityfocus.com/archive/1/421596/100/0/threaded https://nvd.nist.gov https://www.exploit-db.com/exploits/1414/

CVE-2006-0189

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect