Debian DLA-1503-1 : kamailio security update
High Nessus Plugin ID 117464
SynopsisThe remote Debian host is missing a security update.
DescriptionIt was discovered that there was a denial of service and a potential
arbitrary code execution vulnerability in the kamailio SIP server.
A specially crafted SIP message with an invalid 'Via' header could
cause a segmentation fault and crash Kamailio due to missing input
For Debian 8 'Jessie', this issue has been fixed in kamailio version
We recommend that you upgrade your kamailio packages.
NOTE: Tenable Network Security has extracted the preceding description
block directly from the DLA security advisory. Tenable has attempted
to automatically clean and format it as much as possible without
introducing additional issues.
SolutionUpgrade the affected packages.