kamailio: SEAS Module Heap overflow (CVE-2016-2385)
A (remotely exploitable) heap overflow vulnerability was found in
Kamailio v4.3.4.
References:
https://marc.info/?l=oss-security&m=145555708207489&w=2
https://github.com/kamailio/kamailio/commits/4.2/modules/seas/encode\_msg.c
(kamailio 4.2.x)
Patch:
https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643
4.2:
https://github.com/kamailio/kamailio/commit/bc4a545aa050dd36c982bf102464edbc14a88753
(from redmine: issue id 5347, created on 2016-03-30, closed on 2016-04-12)
- Relations:
- child #5348 (closed)
- child #5350 (closed)
- child #5351 (closed)
- child #5352 (closed)
- child #5353 (closed)