OfficeSIP Server Denial Of Service Vulnerability
SecPod Research Team member (Prabhu S Angadi) has found Denial Of Service Vulnerability in OfficeSIP Server. The vulnerability is caused due to improper validation of SIP/SIPS URI in the ‘To’ header of the request. The flaw can be exploited to crash the service.
Jan 31, 2012By Veerendra GG1 min read
SecPod Research Team member (Prabhu S Angadi) has found Denial Of Service Vulnerability in OfficeSIP Server. The vulnerability is caused due to improper validation of SIP/SIPS URI in the ‘To’ header of the request. The flaw can be exploited to crash the service.
POC : Download here.
More information can be found here.
CVE Info: CVE-2012-1008
Welcome any feedback or suggestion.
Cheers!
SecPod Research Team