Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Kamailio Auth: Processing Vulnerability For Additional Authenticated User Identity Checks
Vulnerability Description
Kamailio is an open source implementation of a SIP Signaling Server. Prior to 6.0.5 and 5.8.7, an out-of-bounds read in the auth module of Kamailio (formerly OpenSER and SER) allows remote attackers to cause a denial of service (process crash) via a specially crafted SIP packet if a successful user authentication without a database backend is followed by additional user identity checks. This vulnerability is fixed in 6.0.5 and 5.8.7.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
Vulnerability Type
跨界内存读
Vulnerability Title
Kamailio 缓冲区错误漏洞
Vulnerability Description
Kamailio是Kamailio开源的一个 SIP 信令服务器的开源实现。 Kamailio 6.0.5之前版本和5.8.7之前版本存在缓冲区错误漏洞,该漏洞源于越界读取,可能导致拒绝服务。
CVSS Information
N/A
Vulnerability Type
N/A