CVE-2018-12584
CVE-2018-12584
The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.
Affected products
n/a · n/apublic PoCs found — 3
cve_referencepacketstormsecurity.com/files/148856/reSIProcate-1.10.2-Heap-Overflow.htmlunverifiedcve_referencewww.exploit-db.com/exploits/45174/unverifiedexploitdbwww.exploit-db.com/exploits/45174unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://joachimdezutter.webredirect.org/advisory.htmlhttp://seclists.org/bugtraq/2018/Aug/14https://github.com/resiprocate/resiprocate/commit/2cb291191c93c7c4e371e22cb89805a5b31d6608https://lists.debian.org/debian-lts-announce/2018/07/msg00031.htmlhttps://lists.debian.org/debian-lts-announce/2021/12/msg00029.htmlhttps://packetstormsecurity.com/files/148856/reSIProcate-1.10.2-Heap-Overflow.htmlhttps://www.exploit-db.com/exploits/45174/