CVE-2008-3210

Name of the Vulnerable Software and Affected Versions: ReSIProcate version 1.3.2

Description: The issue allows remote attackers to cause a denial of service, resulting in a daemon crash. This can be achieved by sending a SIP message, either INVITE or OPTIONS, with a long domain name in the request URI. The long domain name triggers an assert error.

Recommendations: For ReSIProcate version 1.3.2, consider restricting the length of domain names in request URIs to prevent the assert error and subsequent daemon crash. As a temporary workaround, restrict access to the DnsStub.cxx component until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.