CVE-2008-1959

Description

Stack-based buffer overflow in the get_remote_video_port_media function in call.cpp in SIPp 3.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted SIP message. NOTE: some of these details are obtained from third party information.

How to fix CVE-2008-1959

To remediate CVE-2008-1959, upgrade the affected package to a fixed version below.

• Debian/sip-tester—upgrade to 2.0.1-1.2 or later

Is CVE-2008-1959 being exploited?

Low — EPSS is 3.1%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 2.0.1-1.2

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2008-1959