The dissect_sip_p_charging_func_addresses function in...
Low severity
Unreviewed
Published
May 17, 2022
to the GitHub Advisory Database
•
Updated Feb 3, 2023
Description
Published by the National Vulnerability Database
Feb 3, 2013
Published to the GitHub Advisory Database
May 17, 2022
Last updated
Feb 3, 2023
The dissect_sip_p_charging_func_addresses function in epan/dissectors/packet-sip.c in the SIP dissector in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly handle offset data associated with a quoted string, which allows remote attackers to cause a denial of service (infinite loop) via a malformed packet.
References