lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <507991B8-74D5-466A-90C8-8B97DB8BDE1F@s21sec.com>
Date: Wed, 12 Sep 2007 11:37:01 +0200
From: S21sec Labs <labs@...sec.com>
To: full-disclosure@...ts.grok.org.uk
Cc: bugtraq@...urityfocus.com
Subject: S21SEC-036-EN Ekiga <= 2.0.5 Denial of service

##############################################################
                      - S21Sec Advisory -
##############################################################

     Title:		Ekiga Denial of Service
        ID:		S21SEC-036-en
  Severity:	Medium - Remote DoS
   History:		14.May.2007 Vulnerability discovered
			09.Jul.2007 Vendor contacted

     Scope:	Application Denial of Service
Platforms:	Any
    Author:	Jose Miguel Esparza (jesparza@...sec.com)
       URL:		http://www.s21sec.com/avisos/s21sec-036-en.txt
   Release:	Public


[ SUMMARY ]

Ekiga (formely known as GnomeMeeting) is an open source VoIP and  
video conferencing application for
GNOME. Ekiga uses both the H.323 and SIP protocols. It supports many  
audio and video codecs, and is
interoperable with other SIP compliant software and also with  
Microsoft NetMeeting.


[ AFFECTED VERSIONS ]

Following versions are affected with this issue:
	- Ekiga 2.0.5 and prior.


[ DESCRIPTION ]

Due to a bad management of memory allocation for the input data it's  
possible to crash the application
causing a denial of service.


[ WORKAROUND ]

Upgrade to 2.0.7 or 2.0.9 versions is recommended to resolve this  
problem. If not possible, some
additional input data check will be necessary in the  
SIPURL::GetHostAddress() function.


[ ACKNOWLEDGMENTS ]

This vulnerability have been found and researched by:
	- Jose Miguel Esparza <jesparza@...sec.com> S21Sec


[ ADDITIONAL INFORMATION ]

This vulnerability has been discovered thanks to the network fuzzer  
Malybuzz disponible in the url
http://malybuzz.sourceforge.net/.


[ REFERENCES ]

* Ekiga
   http://ekiga.org

* S21Sec
   http://www.s21sec.com

* S21sec Blog
   http://blog.s21sec.com

* Malybuzz
   http://www.s21sec.com/malybuzz/malybuzz.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ