CVE-2023-27597

CVSS V2 None CVSS V3 None
Description
OpenSIPS is a Session Initiation Protocol (SIP) server implementation. Prior to versions 3.1.8 and 3.2.5, when a specially crafted SIP message is processed by the function `rewrite_ruri`, a crash occurs due to a segmentation fault. This issue causes the server to crash. It affects configurations containing functions that make use of the affected code, such as the function `setport`. This issue has been fixed in version 3.1.8 and 3.2.5.
Overview
  • CVE ID
  • CVE-2023-27597
  • Assigner
  • security-advisories@github.com
  • Vulnerability Status
  • Analyzed
  • Published Version
  • 2023-03-15T21:15:09
  • Last Modified Date
  • 2023-03-21T19:14:22
CPE Configuration (Product)
CPE Vulnerable Operator Version Start Version End
cpe:2.3:a:opensips:opensips:*:*:*:*:*:*:*:* 1 OR 3.1.8
cpe:2.3:a:opensips:opensips:*:*:*:*:*:*:*:* 1 OR 3.2.0 3.2.5
History
Created Old Value New Value Data Type Notes
2023-04-17 06:31:34 Added to TrackCVE
2023-04-17 06:31:37 Weakness Enumeration new