Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

OpenSER 1.1.0 parse_config buffer overflow vulnerability

From: sapheal () hack pl
Date: 20 Dec 2006 23:32:48 -0000
Function of a prototype:
static int parse_expression(char *str, expression **e, expression **e_exceptions) 

in OpenSER 1.1.0 (SIP router implementation) is vulnerable to buffer overflow as /str/ might be longer than the 
destination (where it is coppied to).
Previous By Date Next
Previous By Thread Next

Current thread: