This PoC demonstrates a local buffer overflow in SIPp 3.6-dev and earlier: passing a long string (300 'A's) as the value of command-line options (-3pcc, -i, -log_file) triggers a strcpy-based overflow. The crash occurs in main() at specific lines in sipp.cpp, as shown by the ASan stack traces.
Classification: Working PoC 90%
Attack Type: DoS
Complexity: Trivial
Reliability: Reliable
Target: SIPp 3.6-dev and earlier
No auth needed
Prerequisites: Local access to execute SIPp with crafted arguments