Vulnerabilities > CVE-2006-4029 - Buffer Overflow vulnerability in AGEphone SIP Packet Handling
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Stack-based buffer overflow in sipd.dll in AGEphone 1.24 and 1.38.1 allows remote attackers to execute arbitrary code via a crafted UDP SIP packet. This vulnerability is addressed in the following product release: AGEphone 1.40
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
| description | AGEphone 1.28/1.38 SIP Packet Handling Buffer Overflow Vulnerability. CVE-2006-4029. Dos exploit for windows platform |
| id | EDB-ID:28266 |
| last seen | 2016-02-03 |
| modified | 2006-07-24 |
| published | 2006-07-24 |
| reporter | Tan Chew Keong |
| source | https://www.exploit-db.com/download/28266/ |
| title | AGEphone 1.28/1.38 SIP Packet Handling Buffer Overflow Vulnerability |
References
- http://marc.info/?l=full-disclosure&m=115383213602413&w=2
- http://secunia.com/advisories/21175
- http://securityreason.com/securityalert/1345
- http://securitytracker.com/id?1016577
- http://vuln.sg/agephone1381-en.html
- http://www.securityfocus.com/archive/1/441086/100/100/threaded
- http://www.securityfocus.com/bid/19148
- http://www.vupen.com/english/advisories/2006/2959
- https://exchange.xforce.ibmcloud.com/vulnerabilities/27944