CVE-2005-4466

Interaction SIP Proxy <3.0.011 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2005-4466. PoCs published by Behrang Fouladi.

AI-analyzed exploit summary This exploit targets a heap memory corruption vulnerability in Interaction SIP Proxy by sending a malformed SIP REGISTER request with an oversized header. It demonstrates a denial-of-service (DoS) condition, though remote code execution is unconfirmed.

Description

Heap-based buffer overflow in the SIPParser function in i3sipmsg.dll in Interaction SIP Proxy before 3.0.011 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a REGISTER request with a SPI version number that contains a large number of space or tab characters.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Behrang Fouladi · perldosmultiple

https://www.exploit-db.com/exploits/26922

View Code ZIP pw:eip

This exploit targets a heap memory corruption vulnerability in Interaction SIP Proxy by sending a malformed SIP REGISTER request with an oversized header. It demonstrates a denial-of-service (DoS) condition, though remote code execution is unconfirmed.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Interaction SIP Proxy 3.0.010

No auth needed

Prerequisites: Network access to the target SIP Proxy on port 5060

MITRE ATT&CK