Vulnerabilities > CVE-2007-0999 - Remote Security vulnerability in Ekiga
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. This vulnerability has been addressed through a product update using MandrivaUpdate.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Nessus
NASL family Mandriva Local Security Checks NASL id MANDRAKE_MDKSA-2007-058.NASL description A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete. Updated package have been patched to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 24808 published 2007-03-12 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/24808 title Mandrake Linux Security Advisory : ekiga (MDKSA-2007:058) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Mandrake Linux Security Advisory MDKSA-2007:058. # The text itself is copyright (C) Mandriva S.A. # include("compat.inc"); if (description) { script_id(24808); script_version ("1.15"); script_cvs_date("Date: 2019/08/02 13:32:49"); script_cve_id("CVE-2007-0999"); script_xref(name:"MDKSA", value:"2007:058"); script_name(english:"Mandrake Linux Security Advisory : ekiga (MDKSA-2007:058)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Mandrake Linux host is missing a security update." ); script_set_attribute( attribute:"description", value: "A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete. Updated package have been patched to correct this issue." ); script_set_attribute(attribute:"solution", value:"Update the affected ekiga package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:mandriva:linux:ekiga"); script_set_attribute(attribute:"cpe", value:"cpe:/o:mandriva:linux:2007"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/03/12"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"Mandriva Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/Mandrake/release", "Host/Mandrake/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); if (!get_kb_item("Host/Mandrake/release")) audit(AUDIT_OS_NOT, "Mandriva / Mandake Linux"); if (!get_kb_item("Host/Mandrake/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if (cpu !~ "^(amd64|i[3-6]86|x86_64)$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Mandriva / Mandrake Linux", cpu); flag = 0; if (rpm_check(release:"MDK2007.0", reference:"ekiga-2.0.3-1.2mdv2007.0", yank:"mdv")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-434-1.NASL description It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user last seen 2020-06-01 modified 2020-06-02 plugin id 28029 published 2007-11-10 reporter Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/28029 title Ubuntu 5.10 / 6.06 LTS / 6.10 : ekiga, gnomemeeting vulnerability (USN-434-1) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Ubuntu Security Notice USN-434-1. The text # itself is copyright (C) Canonical, Inc. See # <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered # trademark of Canonical, Inc. # include("compat.inc"); if (description) { script_id(28029); script_version("1.14"); script_cvs_date("Date: 2019/08/02 13:33:01"); script_cve_id("CVE-2007-0999"); script_xref(name:"USN", value:"434-1"); script_name(english:"Ubuntu 5.10 / 6.06 LTS / 6.10 : ekiga, gnomemeeting vulnerability (USN-434-1)"); script_summary(english:"Checks dpkg output for updated packages."); script_set_attribute( attribute:"synopsis", value: "The remote Ubuntu host is missing one or more security-related patches." ); script_set_attribute( attribute:"description", value: "It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues." ); script_set_attribute( attribute:"see_also", value:"https://usn.ubuntu.com/434-1/" ); script_set_attribute( attribute:"solution", value:"Update the affected ekiga and / or gnomemeeting packages." ); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ekiga"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:gnomemeeting"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:5.10"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts"); script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.10"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/08"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/10"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"Ubuntu Security Notice (C) 2007-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"Ubuntu Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l"); exit(0); } include("audit.inc"); include("ubuntu.inc"); include("misc_func.inc"); if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/Ubuntu/release"); if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu"); release = chomp(release); if (! ereg(pattern:"^(5\.10|6\.06|6\.10)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 5.10 / 6.06 / 6.10", "Ubuntu " + release); if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu); flag = 0; if (ubuntu_check(osver:"5.10", pkgname:"gnomemeeting", pkgver:"1.2.2-1ubuntu1.2")) flag++; if (ubuntu_check(osver:"6.06", pkgname:"ekiga", pkgver:"2.0.1-0ubuntu6.2")) flag++; if (ubuntu_check(osver:"6.10", pkgname:"ekiga", pkgver:"2.0.3-0ubuntu3.2")) flag++; if (flag) { security_report_v4( port : 0, severity : SECURITY_HOLE, extra : ubuntu_report_get() ); exit(0); } else { tested = ubuntu_pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ekiga / gnomemeeting"); }NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2007-0087.NASL description Updated ekiga packages that fix security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Ekiga is a tool to communicate with video and audio over the Internet. Format string flaws were found in the way Ekiga processes certain messages. If a user is running Ekiga, a remote attacker who can connect to Ekiga could trigger this flaw and potentially execute arbitrary code with the privileges of the user. (CVE-2007-0999, CVE-2007-1006) Users of Ekiga should upgrade to these updated packages which contain a backported patch to correct this issue. last seen 2020-06-01 modified 2020-06-02 plugin id 63840 published 2013-01-24 reporter This script is Copyright (C) 2013-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/63840 title RHEL 5 : ekiga (RHSA-2007:0087) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from Red Hat Security Advisory RHSA-2007:0087. The text # itself is copyright (C) Red Hat, Inc. # include("compat.inc"); if (description) { script_id(63840); script_version("1.8"); script_cvs_date("Date: 2019/10/25 13:36:12"); script_cve_id("CVE-2007-0999", "CVE-2007-1006"); script_xref(name:"RHSA", value:"2007:0087"); script_name(english:"RHEL 5 : ekiga (RHSA-2007:0087)"); script_summary(english:"Checks rpm output for the updated package"); script_set_attribute( attribute:"synopsis", value:"The remote Red Hat host is missing a security update." ); script_set_attribute( attribute:"description", value: "Updated ekiga packages that fix security issues are now available for Red Hat Enterprise Linux 5. This update has been rated as having critical security impact by the Red Hat Security Response Team. Ekiga is a tool to communicate with video and audio over the Internet. Format string flaws were found in the way Ekiga processes certain messages. If a user is running Ekiga, a remote attacker who can connect to Ekiga could trigger this flaw and potentially execute arbitrary code with the privileges of the user. (CVE-2007-0999, CVE-2007-1006) Users of Ekiga should upgrade to these updated packages which contain a backported patch to correct this issue." ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2007-0999.html" ); script_set_attribute( attribute:"see_also", value:"https://www.redhat.com/security/data/cve/CVE-2007-1006.html" ); script_set_attribute( attribute:"see_also", value:"http://rhn.redhat.com/errata/RHSA-2007-0087.html" ); script_set_attribute(attribute:"solution", value:"Update the affected ekiga package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ekiga"); script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:5"); script_set_attribute(attribute:"patch_publication_date", value:"2007/03/14"); script_set_attribute(attribute:"plugin_publication_date", value:"2013/01/24"); script_set_attribute(attribute:"vuln_publication_date", value:"2007/03/11"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2013-2019 Tenable Network Security, Inc."); script_family(english:"Red Hat Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/RedHat/release"); if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat"); if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); cpu = get_kb_item("Host/cpu"); if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH); if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu); flag = 0; if (rpm_check(release:"RHEL5", cpu:"i386", reference:"ekiga-2.0.2-7.0.2")) flag++; if (rpm_check(release:"RHEL5", cpu:"x86_64", reference:"ekiga-2.0.2-7.0.2")) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else audit(AUDIT_HOST_NOT, "affected");
Oval
| accepted | 2013-04-29T04:10:09.890-04:00 | ||||||||||||
| class | vulnerability | ||||||||||||
| contributors |
| ||||||||||||
| definition_extensions |
| ||||||||||||
| description | Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. | ||||||||||||
| family | unix | ||||||||||||
| id | oval:org.mitre.oval:def:10944 | ||||||||||||
| status | accepted | ||||||||||||
| submitted | 2010-07-09T03:56:16-04:00 | ||||||||||||
| title | Format string vulnerability in Ekiga 2.0.3, and probably other versions, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2007-1006. | ||||||||||||
| version | 19 |
Redhat
| advisories |
| ||||
| rpms |
|