Published: 07/09/2018 Updated: 24/08/2020

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

In Kamailio prior to 5.0.7 and 5.1.x prior to 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio. The reason is missing input validation in the crcitt_string_array core function for calculating a CRC hash for To tags. (An additional error is present in the check_via_address core function: this function also misses input validation.) This could result in denial of service and potentially the execution of arbitrary code.

Vulnerable Product	Search on Vulmon	Subscribe to Product
debian debian linux 9.0
debian debian linux 8.0
kamailio kamailio

Debian Bug report logs - #908324 kamailio: CVE-2018-16657 Package: src:kamailio; Maintainer for src:kamailio is Debian VoIP Team <pkg-voip-maintainers@listsaliothdebianorg>; Reported by: Chris Lamb <lamby@debianorg> Date: Sat, 8 Sep 2018 12:09:01 UTC Severity: grave Tags: security Found in versions kamailio/44 ...

Henning Westerholt discovered a flaw related to the Via header processing in kamailio, a very fast, dynamic and configurable SIP server An unauthenticated attacker can take advantage of this flaw to mount a denial of service attack via a specially crafted SIP message with an invalid Via header For the stable distribution (stretch), this problem h ...

CWE-476 https://skalatan.de/blog/advisory-hw-2018-06 https://www.debian.org/security/2018/dsa-4292 https://lists.debian.org/debian-lts-announce/2018/09/msg00013.html https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908324 https://nvd.nist.gov https://www.debian.org/security/./dsa-4292

CVE-2018-16657

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect