CVE-2018-8828 - Off-by-one Error vulnerability in multiple products

CVSS 9.8 - CRITICAL
Attack vector: NETWORK
Attack complexity: LOW
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: HIGH
Availability impact: HIGH

Tags: network, low complexity, kamailio, debian, CWE-193, critical, nessus

Summary

A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c.

Vulnerable Configurations

Part         Description  Count
Application  Kamailio     84
OS           Debian       2

Common Weakness Enumeration (CWE)

CWE-193 (Off-by-one Error)

Nessus

  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DSA-4148.NASL
    description: Alfred Farrugia and Sandro Gauci discovered an off-by-one heap overflow in the Kamailio SIP server which could result in denial of service and potentially the execution of arbitrary code.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 108570
    published: 2018-03-23
    reporter: This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/108570
    title: Debian DSA-4148-1 : kamailio - security update
  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_5AF6378BBD884997BCCCB9BA2DAECDD2.NASL
    description: A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 109662
    published: 2018-05-10
    reporter: This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/109662
    title: FreeBSD : kamailio - buffer overflow (5af6378b-bd88-4997-bccc-b9ba2daecdd2)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-4240-1.NASL
    description: It was discovered that Kamailio incorrectly handled a specially crafted file. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 133039
    published: 2020-01-17
    reporter: Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/133039
    title: Ubuntu 16.04 LTS : kamailio vulnerability (USN-4240-1)