Vulnerability Details : CVE-2016-2385
Potential exploit
Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet.
Vulnerability category: OverflowMemory CorruptionExecute codeDenial of service
Products affected by CVE-2016-2385
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:a:kamailio:kamailio:*:*:*:*:*:*:*:*
Threat overview for CVE-2016-2385
Top countries where our scanners detected CVE-2016-2385
Top open port discovered on systems with this issue
5060
IPs affected by CVE-2016-2385 96
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-2385!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-2385
25.77%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 97 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-2385
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
CWE ids for CVE-2016-2385
-
The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-2385
-
http://packetstormsecurity.com/files/136477/Kamailio-4.3.4-Heap-Overflow.html
Kamailio 4.3.4 Heap Overflow ≈ Packet StormExploit
-
http://www.kamailio.org/pub/kamailio/4.3.5/ChangeLog
-
http://www.securityfocus.com/archive/1/537926/100/0/threaded
SecurityFocus
-
http://www.debian.org/security/2016/dsa-3535
Debian -- Security Information -- DSA-3535-1 kamailio
-
http://www.debian.org/security/2016/dsa-3537
Debian -- Security Information -- DSA-3537-1 imlib2
-
https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643
seas: safety check for target buffer size before copying message in e… · kamailio/kamailio@f50c9c8 · GitHubExploit
-
https://census-labs.com/news/2016/03/30/kamailio-seas-heap-overflow/
CENSUS | IT Security WorksExploit
-
https://www.exploit-db.com/exploits/39638/
Kamailio 4.3.4 - Heap Buffer OverflowExploit
Jump to