Fedora 7: 2008-3508 Critical Exploit In sipp Buffer Overflow

SIPp is a free Open Source test tool / traffic generator for the SIP protocol.

It includes a few basic SipStone user agent scenarios (UAC and UAS) and

establishes and releases multiple calls with the INVITE and BYE methods. It

can also reads custom XML scenario files describing from very simple to

complex call flows. It features the dynamic display of statistics about

running tests (call rate, round trip delay, and message statistics), periodic

CSV statistics dumps, TCP and UDP over multiple sockets or multiplexed with

retransmission management and dynamically adjustable call rates.

* CVE-2008-1959 * Ver. 3.1.

[ 1 ] Bug #444728 - CVE-2008-1959 SIPp stack based buffer overflow in get_remote_video_port_media()

https://bugzilla.redhat.com/show_bug.cgi?id=444728

su -c 'yum update sipp' at the command line.

For more information, refer to "Managing Software with yum",

available at .

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

Fedora-package-announce mailing list

Fedora-package-announce@redhat.com

https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/