CVE-2018-12584

CRITICAL

reSIProcate <1.10.2 - Buffer Overflow

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-12584. PoCs published by Joachim De Zutter.

AI-analyzed exploit summary This Python script exploits a heap overflow vulnerability in reSIProcate SIP stack (CVE-2018-12584) by sending maliciously crafted SIP messages over TLS with mismatched Content-Length headers. It can trigger the vulnerability in both client and server modes, potentially leading to remote code execution.

Description

The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled.

Exploits (1)

exploitdb WORKING POC

by Joachim De Zutter · pythondosmultiple

https://www.exploit-db.com/exploits/45174

View Code ZIP pw:eip

This Python script exploits a heap overflow vulnerability in reSIProcate SIP stack (CVE-2018-12584) by sending maliciously crafted SIP messages over TLS with mismatched Content-Length headers. It can trigger the vulnerability in both client and server modes, potentially leading to remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: reSIProcate SIP stack through 1.10.2

No auth needed

Prerequisites: TLS-enabled SIP service using reSIProcate · Network access to target

MITRE ATT&CK