CVE-2024-3120 | irontec sngrep up to 1.8.0 SIP Header src/sip.c sip_validate_packet Content-Length/Warning stack-based overflow

Posted by Angelo Barbosa | Apr 10, 2024 | CVE

A vulnerability, which was classified as critical, was found in irontec sngrep up to 1.8.0. This affects the function sip_validate_packet of the file src/sip.c of the component SIP Header Handler. The manipulation of the argument Content-Length/Warning leads to stack-based buffer overflow.

This vulnerability is uniquely identified as CVE-2024-3120. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-3120 | irontec sngrep up to 1.8.0 SIP Header src/sip.c sip_validate_packet Content-Length/Warning stack-based overflow

Related Posts

CVE-2024-21465 | Qualcomm Snapdragon up to Qualcomm Video Collaboration VC3 Platform buffer over-read

CVE-2023-52496 | Linux Kernel up to 6.6.14/6.7.2 vmu-flash information disclosure (38c12f10990a/1168d6b79d2f/a7d84a2e7663)

CVE-2024-4248 | Tenda i21 1.0.0.14(4656) formQosManage_user ssidIndex stack-based overflow

CVE-2024-2162 | Kiloview NDI os command injection