[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OpenSER 1.1.0 parse_config buffer overflow vulnerability

Function of a prototype:
static int parse_expression(char *str, expression **e, expression 
**e_exceptions) 

in OpenSER 1.1.0 (SIP router implementation) is vulnerable to buffer overflow 
as /str/ might be longer than the destination (where it is coppied to).