Bugtraq mailing list archives
OpenSER 1.1.0 parse_config buffer overflow vulnerability
From: sapheal () hack pl
Date: 20 Dec 2006 23:32:48 -0000
Function of a prototype: static int parse_expression(char *str, expression **e, expression **e_exceptions) in OpenSER 1.1.0 (SIP router implementation) is vulnerable to buffer overflow as /str/ might be longer than the destination (where it is coppied to).
Current thread:
- OpenSER 1.1.0 parse_config buffer overflow vulnerability sapheal (Dec 21)