[Full-disclosure] [vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

[vuln.sg] Vulnerability Research Advisory

AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow

by Tan Chew Keong
Release Date: 2006-07-25

Summary

A vulnerability has been found in AGEphone. When exploited, the
vulnerability allows execution of arbitrary code with privileges of the
AGEphone user via a single specially-crafted UDP SIP packet.

Tested Versions

AGEphone for Windows version 1.24 and 1.38.1

Details

http://vuln.sg/agephone1381-en.html

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/