Denial of service in Drachtio Server
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-47517 CVE-2022-45909 |
| CWE-ID | CWE-193 CWE-125 |
| Exploitation vector | Network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
Drachtio Server Server applications / Conferencing, Collaboration and VoIP solutions |
| Vendor | drachtio |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Off-by-one
EUVDB-ID: #VU73158
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-47517
CWE-ID:
CWE-193 - Off-by-one Error
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary error in url_canonize2() when processing UDP packets. A remote attacker can send a specially crafted UDP request to the server, trigger an off-by-one error and crash it. MitigationInstall update from vendor's website.
Vulnerable software versionsDrachtio Server: 0.2.0 - 0.8.18 rc8
CPE2.3 External links
http://github.com/davehorton/sofia-sip/commit/22c1bd191f0acbf11f0c0fbea1845d9bf9dcd47e
http://github.com/davehorton/sofia-sip/commit/bfc79d85c8f3a4798a3305fb98f5a11c11d0d29f
http://github.com/drachtio/drachtio-server/issues/243
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
2) Out-of-bounds read
EUVDB-ID: #VU73157
Risk: Medium
CVSSv3.1:
CVE-ID: CVE-2022-45909
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to heap-based buffer over-read when processing a long Request-URI in an INVITE request. A remote attacker can send a specially crafted request to the server and perform a denial of service attack.
MitigationInstall update from vendor's website.
Vulnerable software versionsDrachtio Server: 0.2.0 - 0.8.18 rc8
CPE2.3 External links
http://github.com/drachtio/drachtio-server/commit/a63d01854987d9fd846cdc9265af38ee9eb72490
http://github.com/drachtio/drachtio-server/compare/v0.8.18...v0.8.19
http://github.com/drachtio/drachtio-server/pull/238
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?
