CVE-2007-5469

OpenSER 1.2.2 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). NOTE: Debian disputes this issue, stating that "having the two URIs mismatch is allowed by the standard and happens in some setups for valid reasons.

Published: Oct 16, 2007
Updated: Nov 8, 2023
CVE: CVE-2007-5469
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
openser / openser	1.2.2	1.2.2.x

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446956
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066691.html
http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066694.html
http://secunia.com/advisories/27204
http://www.securityfocus.com/bid/26057
https://exchange.xforce.ibmcloud.com/vulnerabilities/37197

Vulnerability Database

290,301

CVE-2007-5469