MultiVOIP Buffer Overflow in Processing INVITE Packet May Let Remote Users Execute Arbitrary Code - SecurityTracker

	Keep Track of the Latest Vulnerabilities with SecurityTracker!

Home | View Topics | Search | Contact Us |

SecurityTracker
Archives

Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary

Instant Alerts

Buy our Premium Vulnerability Notification Service to receive customized, instant alerts

Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!

Become a Partner and License Our Database or Notification Service

Report a Bug

Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com

Category: Device (VoIP/Phone/FAX) > MultiVOIP

Vendors: Multi-Tech Systems

MultiVOIP Buffer Overflow in Processing INVITE Packet May Let Remote Users Execute Arbitrary Code

SecurityTracker Alert ID: 1015314

SecurityTracker URL: http://securitytracker.com/id/1015314

CVE Reference: GENERIC-MAP-NOMATCH (Links to External Site)

Date: Dec 6 2005

Impact: Execution of arbitrary code via network, User access via network

Fix Available: Yes Vendor Confirmed: Yes

Version(s): prior to x.08

Description: A vulnerability was reported in MultiVOIP. A remote user may be able to execute arbitrary code on the target system.

A remote user can send a SIP packet with a specially crafted INVITE field that is longer than 60 characters to trigger a buffer overflow. As a result, it may be possible to execute arbitrary code on the gateway.

SecurityLab technologies discovered this vulnerability.

Impact: A remote user may be able to execute arbitrary code on the target device.

Solution: The vendor has issued a fixed version (x.08).

Vendor URL: www.multitech.com/PRODUCTS/Families/MultiVOIP/ (Links to External Site)

Cause: Boundary error

Underlying OS:

Message History: None.

Source Message Contents

Date: Mon, 5 Dec 2005 12:54:52 -0500
Subject: [Full-disclosure] Buffer Overflow in MultiTech VoIP Implementations


Overview:
The MultiVOIP voice over IP gateway provides toll-free voice and fax
communications over the Internet or Intranet. Occasionally MultiTech
develops and licenses their VoIP Gateways and VoIP related stacks for
inclusion in third party platforms. Therefore, this bug may affect
products outside of the MultiTech line.

SecurityLab technologies has discovered a remote buffer overflow in
MultiTech's MultiVOIP product line that may lead to remote code 
execution.

Details:
The buffer overflow occurs in the SIP packet INVITE field with a
string greater than 60 characters. Testing was performed on an
embedded device with limited debug environment. Source code was not
avaible for further analysys.

Vendor Response:
Patched. Version x.08

Recommendation:
Contact vendor for current release.

Site of the day:
InfoSecDaily http://www.infosecdaily.net
security news for security professionals

Copyright 2005 SecurityLab Technologies, Inc. You may distribute freely
without modification.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Go to the Top of This SecurityTracker Archive Page

Home | View Topics | Search | Contact Us
Copyright 2013, SecurityGlobal.net LLC