OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
BID:25955
Info
OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
| Bugtraq ID: | 25955 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: |
CVE-2007-4924 |
| Remote: | Yes |
| Local: | No |
| Published: | Oct 08 2007 12:00AM |
| Updated: | Jul 27 2009 10:05PM |
| Credit: | Jose Miguel Esparza is credited with the discovery of this vulnerability. |
| Vulnerable: |
Ubuntu Ubuntu Linux 7.04 sparc Ubuntu Ubuntu Linux 7.04 powerpc Ubuntu Ubuntu Linux 7.04 i386 Ubuntu Ubuntu Linux 7.04 amd64 Ubuntu Ubuntu Linux 6.10 sparc Ubuntu Ubuntu Linux 6.10 powerpc Ubuntu Ubuntu Linux 6.10 i386 Ubuntu Ubuntu Linux 6.10 amd64 Ubuntu Ubuntu Linux 6.06 LTS sparc Ubuntu Ubuntu Linux 6.06 LTS powerpc Ubuntu Ubuntu Linux 6.06 LTS i386 Ubuntu Ubuntu Linux 6.06 LTS amd64 SuSE Linux Desktop 1.0 S.u.S.E. openSUSE 10.3 Redhat Enterprise Linux Optional Productivity Application 5 server Redhat Enterprise Linux Desktop Workstation 5 client Redhat Enterprise Linux Desktop 5 client OpenH323 OpenH323 Opal 2.2.8 OpenH323 OpenH323 Opal 2.2.4 Mandriva Linux Mandrake 2007.1 x86_64 Mandriva Linux Mandrake 2007.1 Mandriva Linux Mandrake 2007.0 x86_64 Mandriva Linux Mandrake 2007.0 Ekiga Ekiga 2.0.9 Ekiga Ekiga 2.0.5 Ekiga Ekiga 2.0.4 Ekiga Ekiga 2.0.3 Ekiga Ekiga 2.0.2 Ekiga Ekiga 2.0.1 |
| Not Vulnerable: |
Ekiga Ekiga 2.0.11 Ekiga Ekiga 2.0.10 |
Discussion
OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
OpenH323 is prone to a remote denial-of-service vulnerability because of memory mismanagement when handling user-supplied data.
Successfully exploiting this issue allows remote attackers to deny service to legitimate users.
This issue affects OpenH323 2.2.4; earlier versions may also be vulnerable. Applications using the affected library may also be vulnerable.
OpenH323 is prone to a remote denial-of-service vulnerability because of memory mismanagement when handling user-supplied data.
Successfully exploiting this issue allows remote attackers to deny service to legitimate users.
This issue affects OpenH323 2.2.4; earlier versions may also be vulnerable. Applications using the affected library may also be vulnerable.
Exploit / POC
OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
An attacker can use readily available network tools to exploit this issue.
The following exploit is available:
An attacker can use readily available network tools to exploit this issue.
The following exploit is available:
Solution / Fix
OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
Solution:
The vendor has addressed this issue in the latest CVS repository. Contact the vendor for details.
Solution:
The vendor has addressed this issue in the latest CVS repository. Contact the vendor for details.
References
OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability
References:
References:
- [Ekiga-list] [ANNOUNCE] Ekiga 2.0.10 released (Ekiga)
- Bugzilla Bug 296371: CVE-2007-4924 ekiga remote crash caused by insufficient inp (José Miguel Esparza)
- Diff of /opal/src/sip/sippdu.cxx (OpenH323)
- Ekiga Homepage (Ekiga)
- OPAL SIP Protocol Remote Denial of Service (Jose Miguel Esparza)
- OpenH323 Sourceforge Page (OpenH323)
- S21SEC-037-en: OPAL SIP Protocol Remote Denial of Service (S21sec Labs
- Red Hat Security Advisory RHSA-2007:0957-3: opal security update (Red Hat)