#VU73158 Off-by-one in Drachtio Server - CVE-2022-47517

Cybersecurity Help s.r.o.

Published: 2023-03-08

Vulnerability identifier: #VU73158

Vulnerability risk: Medium

CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-47517

CWE-ID: CWE-193

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Drachtio Server
Server applications / Conferencing, Collaboration and VoIP solutions

Vendor: drachtio

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error in url_canonize2() when processing UDP packets. A remote attacker can send a specially crafted UDP request to the server, trigger an off-by-one error and crash it.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Drachtio Server: 0.2.0 - 0.8.18

External links
https://github.com/davehorton/sofia-sip/commit/22c1bd191f0acbf11f0c0fbea1845d9bf9dcd47e
https://github.com/davehorton/sofia-sip/commit/bfc79d85c8f3a4798a3305fb98f5a11c11d0d29f
https://github.com/drachtio/drachtio-server/issues/243

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Denial of service in Drachtio Server