Vulnerabilities > CVE-2006-0738 - Denial of Service vulnerability in eStara Softphone
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
Multiple format string vulnerabilities in eStara SIP softphone allow remote attackers to cause a denial of service (hang) via SIP INVITE requests with format string specifiers in the SDP session description, as demonstrated using (1) the field name, (2) the o field (owner/creator and session identifier), or (3) the m field (media name and transport address).
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | eStara SoftPhone 3.0.1 SIP SDP Message Handling Format String DoS. CVE-2006-0738. Dos exploits for multiple platform |
| id | EDB-ID:27210 |
| last seen | 2016-02-03 |
| modified | 2006-02-14 |
| published | 2006-02-14 |
| reporter | ZwelL |
| source | https://www.exploit-db.com/download/27210/ |
| title | eStara SoftPhone 3.0.1 - SIP SDP Message Handling Format String DoS |