{"id":"CVE-2016-2385","details":"Heap-based buffer overflow in the encode_msg function in encode_msg.c in the SEAS module in Kamailio (formerly OpenSER and SER) before 4.3.5 allows remote attackers to cause a denial of service (memory corruption and process crash) or possibly execute arbitrary code via a large SIP packet.","modified":"2026-04-11T03:43:43.008992Z","published":"2016-04-11T15:59:05.500Z","references":[{"type":"WEB","url":"http://www.securityfocus.com/archive/1/537926/100/0/threaded"},{"type":"WEB","url":"http://www.kamailio.org/pub/kamailio/4.3.5/ChangeLog"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3535"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3537"},{"type":"EVIDENCE","url":"https://census-labs.com/news/2016/03/30/kamailio-seas-heap-overflow/"},{"type":"EVIDENCE","url":"https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643"},{"type":"EVIDENCE","url":"https://www.exploit-db.com/exploits/39638/"},{"type":"EVIDENCE","url":"http://packetstormsecurity.com/files/136477/Kamailio-4.3.4-Heap-Overflow.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/kamailio/kamailio","events":[{"introduced":"0"},{"last_affected":"0ec86096bdef916d20a4c97618d7b74a1e2ec827"},{"fixed":"f50c9c853e7809810099c970780c30b0765b0643"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"4.3.4"}]}}],"versions":["3.0_pre1","4.3.0","4.3.1","4.3.2","4.3.3","4.3.4","after_0_9_4_pkg_merge","after_makefile_merges","after_testing_0_8_12_r0_merge","after_testing_0_8_12_r1_merge","after_xl","before_db_api_changes","before_dest_info_changes_2","before_kill_repl_add_rm","before_lumps_split","before_malloc_changes","before_new_timers","before_replication_patch","before_socket_info_lists","before_str2ip_changes","before_tcp_port_aliases","before_testing_0_8_12_r0_merge","before_testing_0_8_12_r1_merge","before_tm_timers","before_xl","bflmpsvz","bigbang","bogdan_final_version","budvar","fixstats","gpled","ipv4_working","ipv6","last_merge_to_janakj","listen_ifs","mem-fixes","myself_port_lo","new_cfg_compiles","new_hash","new_timers","old_mod_iface","post-zt","pre-bigbang","pre-zt","pre22","pre6-tcp4","pre6-tcp5-tm","pre_fixstats","pregpl","rel_0_8_11_root","rel_0_9_0_root","ser_0-8-6-4","ser_081-plugins","ser_082","ser_0839_errors","ser_0_7","ser_0_8_10","ser_0_8_10_pre2","ser_0_8_10_pre3","ser_0_8_10_pre4","ser_0_8_10_pre5","ser_0_8_3_1","ser_0_8_3_2","ser_0_8_6-5-stable","ser_0_8_6-6-beer-release","ser_0_8_7-0-unstable","ser_0_8_8-final-cd-release","ser_0_8_9","ser_0_8_9-release","sip_083","sip_pre-plugin","sr_3.1_freeze","sr_before_modules_merge","sr_simpleconfig","srv","tcp2","testing_0_8_12_root","tmp_pcl_tag_17368Js8","v03","v0_2","v0_8_11_pre9","v0_8_11dev34","v0_8_11pre29","v0_8_11pre29-prerelease","v0_8_11pre29-prerelease-cd","v0_8_11pre8","v0_8_12_t02_merged_w_v0_8_11pre35","v0_8_12dev-t03","v0_8_12dev_t05","v0_8_12dev_t13","v0_8_13dev-t16","v0_8_8","wo_sp"],"database_specific":{"vanir_signatures_modified":"2026-04-11T03:43:43Z","source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2385.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"8.0"}]}],"vanir_signatures":[{"digest":{"length":3699,"function_hash":"91223690401395193117105268344153768528"},"signature_version":"v1","deprecated":false,"id":"CVE-2016-2385-5ebe3977","signature_type":"Function","target":{"function":"encode_msg","file":"modules/seas/encode_msg.c"},"source":"https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643"},{"digest":{"line_hashes":["221125951136127670003058648238912580109","185724564334586000378420562852713908961","162921764091139509490171745442129982752","13221970240674696037362829513348688430","80466780312632555410180150471875982336","124248757180292392880837749569296223629","156343932907448452507792033016352619609"],"threshold":0.9},"signature_version":"v1","deprecated":false,"id":"CVE-2016-2385-fb9761ed","signature_type":"Line","target":{"file":"modules/seas/encode_msg.c"},"source":"https://github.com/kamailio/kamailio/commit/f50c9c853e7809810099c970780c30b0765b0643"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}]}