CVE-2008-3210

ReSIProcate 1.3.2 - Denial of Service via Long Domain Name in SIP Request URI

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-3210. PoCs published by Mu Security.

AI-analyzed exploit summary This is a vulnerability advisory for CVE-2008-3210, detailing a remote DoS in reSIProcate SIP stack 1.3.2. The issue is triggered by a malformed INVITE or OPTIONS message with an overly long domain name in the request line URI, causing an assertion failure.

Description

rutil/dns/DnsStub.cxx in ReSIProcate 1.3.2, as used by repro, allows remote attackers to cause a denial of service (daemon crash) via a SIP (1) INVITE or (2) OPTIONS message with a long domain name in a request URI, which triggers an assert error.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Mu Security · textdosmultiple

https://www.exploit-db.com/exploits/6046

View Code ZIP pw:eip

This is a vulnerability advisory for CVE-2008-3210, detailing a remote DoS in reSIProcate SIP stack 1.3.2. The issue is triggered by a malformed INVITE or OPTIONS message with an overly long domain name in the request line URI, causing an assertion failure.

Classification

Writeup 100%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: reSIProcate SIP stack 1.3.2, repro SIP proxy/registrar 1.3.2

No auth needed

Prerequisites: Network access to the target SIP proxy/registrar

MITRE ATT&CK