PT-2017-12068 · Resiprocate · Resiprocate

Publicado

2017-07-22

·

Atualizado

2022-04-06

·

CVE-2017-11521

CVSS v3.1

7.5

Alta

VetorAV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions reSIProcate version 1.10.2
Description The issue allows remote attackers to cause a denial of service, specifically memory consumption, by triggering many media connections through the SdpContents::Session::Medium::parse function in resip/stack/SdpContents.cxx.
Recommendations For reSIProcate version 1.10.2, consider restricting access to the SdpContents::Session::Medium::parse function as a temporary workaround until a patch is available.

Correção

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

CVE-2017-11521
DLA-1040-1
DLA-1439-1
DLA-2865-1

Produtos afetados

Resiprocate