CVE-2024-3119 | irontec sngrep up to 1.8.0 SIP Header sip.c strncpy Call-ID/X-Call-ID buffer overflow

Posted by Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability, which was classified as critical, has been found in irontec sngrep up to 1.8.0. Affected by this issue is the function strncpy of the file sip.c of the component SIP Header Handler. The manipulation of the argument Call-ID/X-Call-ID leads to buffer overflow.

This vulnerability is handled as CVE-2024-3119. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3119 | irontec sngrep up to 1.8.0 SIP Header sip.c strncpy Call-ID/X-Call-ID buffer overflow

Related Posts

CVE-2024-39381 | Adobe After Effects AVI File Parser out-of-bounds write (ZDI-24-1202)

CVE-2024-1205 | israelb1 Management App for WooCommerce Plugin up to 1.2.0 on WordPress nouvello_upload_csv_file unrestricted upload

TP-Link TL-WR841N ated_tp command injection (ZDI-23-1624)

CVE-2023-52453 | Linux Kernel up to 6.6.13/6.7.1 hisi_acc_vfio_pci Privilege Escalation (45f80b2f230d/6bda81e24a35/be12ad45e15b)