CVE-2007-4924
OpenH323 Opal SIP Protocol - Remote Denial of Service
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address."
Open Phone Abstraction Library (opal), como la usada en (1) Ekiga anterior a 2.0.10 y (2) OpenH323 anterior a 2.2.4, permite a atacantes remotos provocar una denegación de servicio (caída) mediante una cabecera Content-Length inválida en paquetes SIP del Protocolo de Inicio de Sesión (SIP, Session Initiation Protocol), lo cual provoca que el byte \0 sea escrito en una "dirección controlada por el atacante".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-09-17 CVE Reserved
- 2007-10-08 CVE Published
- 2024-08-07 CVE Updated
- 2024-08-07 First Exploit
- 2024-08-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (23)
URL | Tag | Source |
---|---|---|
http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19&r2=2.83.2.20 | X_refsource_confirm | |
http://osvdb.org/41637 | Vdb Entry | |
http://secunia.com/advisories/27271 | Third Party Advisory | |
http://secunia.com/advisories/27524 | Third Party Advisory | |
http://secunia.com/advisories/28380 | Third Party Advisory | |
http://www.s21sec.com/avisos/s21sec-037-en.txt | X_refsource_misc | |
http://www.securityfocus.com/archive/1/482120/30/4500/threaded | Mailing List | |
http://www.securityfocus.com/bid/25955 | Vdb Entry | |
http://www.securitytracker.com/id?1018776 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/3413 | Vdb Entry | |
http://www.vupen.com/english/advisories/2007/3414 | Vdb Entry | |
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11398 | Signature |
URL | Date | SRC |
---|---|---|
https://www.exploit-db.com/exploits/9240 | 2024-08-07 |
URL | Date | SRC |
---|---|---|
http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html | 2018-10-15 | |
http://secunia.com/advisories/27118 | 2018-10-15 | |
http://secunia.com/advisories/27128 | 2018-10-15 | |
http://secunia.com/advisories/27129 | 2018-10-15 | |
http://www.redhat.com/support/errata/RHSA-2007-0957.html | 2018-10-15 |
URL | Date | SRC |
---|---|---|
http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00006.html | 2018-10-15 | |
http://www.mandriva.com/security/advisories?name=MDKSA-2007:205 | 2018-10-15 | |
http://www.ubuntu.com/usn/usn-562-1 | 2018-10-15 | |
https://bugzilla.redhat.com/show_bug.cgi?id=296371 | 2007-10-08 | |
https://access.redhat.com/security/cve/CVE-2007-4924 | 2007-10-08 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Ekiga Search vendor "Ekiga" | Ekiga Search vendor "Ekiga" for product "Ekiga" | <= 2.0.9 Search vendor "Ekiga" for product "Ekiga" and version " <= 2.0.9" | - |
Affected
| ||||||
Openh323 Project Search vendor "Openh323 Project" | Openh323 Search vendor "Openh323 Project" for product "Openh323" | <= 2.2.3 Search vendor "Openh323 Project" for product "Openh323" and version " <= 2.2.3" | - |
Affected
|