CVE-2023-28098 : Security Advisory and Response

This CVE details a vulnerability in OpenSIPS related to the Digest Authentication Parser.

Understanding CVE-2023-28098

OpenSIPS is a Session Initiation Protocol (SIP) server implementation. The vulnerability exists in versions prior to 3.1.7 and 3.2.4, where a specially crafted Authorization header can cause OpenSIPS to crash or behave unexpectedly due to a bug in the function

parse_param_name()

. The issue was discovered during coverage guided fuzzing of the function

parse_msg

, with the AddressSanitizer pinpointing the problem in the

q_memchr()

function called by

parse_param_name()

. This vulnerability may lead to erratic program behavior or server crashes, particularly affecting configurations that utilize functions like

www_authorize()

. Versions 3.1.7 and 3.2.4 include a fix for this issue.

What is CVE-2023-28098?

The vulnerability in OpenSIPS arises from improper input validation in the Digest Authentication Parser, impacting the stability and behavior of the SIP server.

The Impact of CVE-2023-28098

Exploitation of this vulnerability can result in program instability, unexpected behavior, or server crashes, posing a risk to the availability and reliability of OpenSIPS systems.

Technical Details of CVE-2023-28098

This section outlines the specific details related to the vulnerability in OpenSIPS.

Vulnerability Description

The vulnerability in OpenSIPS is attributed to a flaw in the function

parse_param_name()

due to improper input validation, triggered by a specially crafted Authorization header.

Affected Systems and Versions

Vendor: OpenSIPS
Product: opensips
Affected Versions:
< 3.1.7

= 3.2.0, < 3.2.4

Exploitation Mechanism

Attackers can exploit this vulnerability by sending a specially crafted Authorization header to OpenSIPS, triggering the bug in the

parse_param_name()

function and potentially causing crashes or unexpected behavior.

Mitigation and Prevention

It is crucial to take immediate action to mitigate the risks associated with CVE-2023-28098.

Immediate Steps to Take

Update OpenSIPS to version 3.1.7 or 3.2.4, which include a fix for this vulnerability.
Monitor for any unauthorized access or abnormal behavior on OpenSIPS servers.

Long-Term Security Practices

Regularly update and patch OpenSIPS to address any known vulnerabilities promptly.
Conduct security audits and assessments to identify and remediate potential weaknesses in the system.

Patching and Updates

Stay informed about security advisories and updates from OpenSIPS to deploy patches and fixes in a timely manner to ensure the security and stability of systems.