FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

kamailio - buffer overflow

Affected packages
kamailio < 5.1.2

Details

VuXML ID 5af6378b-bd88-4997-bccc-b9ba2daecdd2
Discovery 2018-02-10
Entry 2018-05-06

A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c

References

CVE Name CVE-2018-8828
URL https://github.com/EnableSecurity/advisories/tree/master/ES2018-05-kamailio-heap-overflow
URL https://www.kamailio.org/w/2018/03/kamailio-security-announcement-tmx-lcr/