SecuMania Security Portal - AGEphone SIP Packet Handling Buffer Overflow Vulnerability

Get our latest content via RSS feeds.

Report a vulnerability or exploit that you have found to SecuMania.
vul[at]SecuMania.org

I cant say I feel sorry for him, stupid spammer got what he deserved. We all know how it feels to op...

thanks

hi webmaster,plz help me to find any information about account harvesting and traversal path attack ...

Hello Webmasters My name is Nikolai. I am making an organization for the protection internet users f...

good job you are the best . mgharba talmout :d

Hello, The reported problem has been fixed. Regards, Catalina Danila Online Rent Customer Supp...

Not Vulnerable: Luis Wang netOffice Dwins 1.3.1 visit website http://netofficedwins .sourceforge.ne...

Current version of script corrected. Security patch available to registered users in the user foru...

But i think to protect the password is not needed because it's not used in the SQL-Execute statement...

you may find that your hotfix doesnt stop the password field from having SQL injected into it. This ...

AGEphone SIP Packet Handling Buffer Overflow Vulnerability

Tuesday, 25 July 2006

AGEphone SIP Packet Handling Buffer Overflow Vulnerability
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Jul 25 2006 12:00AM
Updated:	Jul 25 2006 10:17PM
Credit:	Discovered by Tan Chew Keong.
Vulnerable:	Ageet AGEphone 1.38.1 Ageet AGEphone 1.28
Not Vulnerable:	Ageet AGEphone 1.40
Description:	AGEphone is prone to a remote buffer-overflow vulnerability. Specifically, this issue presents itself when the application handles a malicious SIP (Session Initiation Protocol) packet. AGEphone versions 1.24 and 1.38.1 are reported vulnerable; other versions may be affected as well.
Exploit:	The researcher responsible for discovering this issue has developed an exploit, but it is currently not publicly available. The following proof of concept is available: AGEphone-SIP-Packet-Handling-Buffer-Overflow-Vulnerability-Agephone_poc.txt
Solution:	The vendor has released version 1.40 to address this issue. Ageet AGEphone 1.28 Ageet AGEphone 1.40 http://www.ageet.com/us/download.htm Ageet AGEphone 1.38.1 Ageet AGEphone 1.40 http://www.ageet.com/us/download.htm
References:	AGEphone (Ageet) AGEphone sipd.dll SIP Packet Handling Buffer Overflow (Tan Chew Keong) [vuln.sg] AGEphone sipd.dll SIP Packet Handling Buffer Overflow (vulnpost-remove@vuln.sg)
Source:	Securityfocus