Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0359

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2006-0359
Last Modified 07 Mar 2011 09:29:53
Published 22 Jan 2006 03:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0359

Summary

Buffer overflow in CounterPath eyeBeam SIP Softphone allows remote attackers to (1) cause a denial of service (device crash) via SIP INVITE commands with a long header field name sent during startup and (2) cause a denial of service (device hang or crash) via SIP INVITE commands with a long header field name sent during a call.

Vulnerable Systems

Application

  • Counterpath Eyebeam Sip Softphone


References

XF - eyebeam-sip-header-bo(24181)

VUPEN - ADV-2006-0259

BID - 16253

BUGTRAQ - 20060921 Re: CounterPath eyeBeam Handing SIP header Vulnerabilities

BUGTRAQ - 20060116 CounterPath eyeBeam Handing SIP header Vulnerabilities

SREASON - 354

SECUNIA - 18516

MISC - http://blog.donews.com/zwell/archive/2006/01/17/698810.aspx


Last Updated: 27 May 2016 10:41:37