Hi all, I just used the SIP-Version of Protos Test-Suite and realized a vulnerability in xlog.so: If you use xlog in ser.cfg and you inject the format string "%s%x%n" as request-method than ser hangs up. I use ser 0.8.14. The simulation tool is available at: http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ regards, Philipp