Articles with tag: Seas
POSTED BY: Stelios Tsampas / 30.03.2016

Kamailio SEAS module encode_msg heap buffer overflow

CENSUS ID:CENSUS-2016-0009
CVE ID:CVE-2016-2385
Affected Products:Kamailio 4.3.4 (and possibly previous versions)
Class:Heap-based Buffer Overflow (CWE-122)
Remote:Yes
Discovered by:Stelios Tsampas

Kamailio (successor of former OpenSER and SER) is an Open Source SIP Server released under GPL, able to handle thousands of call setups per second. Kamailio can be used to build large platforms for VoIP and realtime communications, presence, WebRTC, Instant messaging and other applications. It can also easily be applied to scaling up SIP-to-PSTN gateways, PBX systems or media servers.