Vulnerabilities > CVE-2007-4897 - Resource Management Errors vulnerability in Ekiga 2.0.5

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

PARTIAL

network

low complexity

ekiga

CWE-399

nessus

exploit available

NVD

Published: 2007-09-14

Updated: 2018-10-15

Summary

pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).

Vulnerable Configurations

Part	Description	Count
Application	Ekiga Ekiga Ekiga 2.0.5	1

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit. CVE-2007-4897. Dos exploit for windows platform
id	EDB-ID:9241
last seen	2016-02-01
modified	2009-07-24
published	2009-07-24
reporter	Jose Miguel Esparza
source	https://www.exploit-db.com/download/9241/
title	Ekiga 2.0.5 - GetHostAddress Remote Denial of Service Exploit

Nessus

NASL family	Mandriva Local Security Checks
NASL id	MANDRAKE_MDKSA-2007-206.NASL
description	A memory management flaw was discovered in PWLib, that an attacker could use to crash an application linked with it, such as Ekiga. Updated packages have been patched to prevent these issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	27624
published	2007-11-05
reporter	This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
source	https://www.tenable.com/plugins/nessus/27624
title	Mandrake Linux Security Advisory : pwlib (MDKSA-2007:206)

NASL family	CentOS Local Security Checks
NASL id	CENTOS_RHSA-2007-0932.NASL
description	Updated pwlib packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PWLib is a library used to support cross-platform applications. In Red Hat Enterprise Linux 5, the Ekiga teleconferencing application uses PWLib. A memory management flaw was discovered in PWLib. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with pwlib (CVE-2007-4897). Users should upgrade to these updated packages which contain a backported patch to correct this issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	43653
published	2010-01-06
reporter	This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/43653
title	CentOS 5 : pwlib (CESA-2007:0932)

NASL family	Scientific Linux Local Security Checks
NASL id	SL_20071008_PWLIB_ON_SL5_X.NASL
description	In Scientific Linux 5, the Ekiga teleconferencing application uses PWLib. A memory management flaw was discovered in PWLib. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with pwlib (CVE-2007-4897).
last seen	2020-06-01
modified	2020-06-02
plugin id	60265
published	2012-08-01
reporter	This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/60265
title	Scientific Linux Security Update : pwlib on SL5.x i386/x86_64

NASL family	Red Hat Local Security Checks
NASL id	REDHAT-RHSA-2007-0932.NASL
description	Updated pwlib packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PWLib is a library used to support cross-platform applications. In Red Hat Enterprise Linux 5, the Ekiga teleconferencing application uses PWLib. A memory management flaw was discovered in PWLib. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with pwlib (CVE-2007-4897). Users should upgrade to these updated packages which contain a backported patch to correct this issue.
last seen	2020-06-01
modified	2020-06-02
plugin id	26953
published	2007-10-09
reporter	This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/26953
title	RHEL 5 : pwlib (RHSA-2007:0932)

NASL family	Ubuntu Local Security Checks
NASL id	UBUNTU_USN-561-1.NASL
description	Jose Miguel Esparza discovered that pwlib did not correctly handle large string lengths. A remote attacker could send specially crafted packets to applications linked against pwlib (e.g. Ekiga) causing them to crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	29917
published	2008-01-10
reporter	Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/29917
title	Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : pwlib vulnerability (USN-561-1)

Oval

accepted

2013-04-29T04:10:01.852-04:00

class

vulnerability

contributors

name Aharon Chernin
organization SCAP.com, LLC
name Dragos Prisaca
organization G2, Inc.

definition_extensions

comment The operating system installed on the system is Red Hat Enterprise Linux 5
oval oval:org.mitre.oval:def:11414
comment The operating system installed on the system is CentOS Linux 5.x
oval oval:org.mitre.oval:def:15802
comment Oracle Linux 5.x
oval oval:org.mitre.oval:def:15459

description

family

unix

oval:org.mitre.oval:def:10928

status

accepted

submitted

2010-07-09T03:56:16-04:00

title

version

Packetstorm

data source	https://packetstormsecurity.com/files/download/79578/ekiga207_dos.py.txt
id	PACKETSTORM:79578
last seen	2016-12-05
published	2009-07-24
reporter	Jose Miguel Esparza
source	https://packetstormsecurity.com/files/79578/Ekiga-2.0.5-Denial-Of-Service.html
title	Ekiga 2.0.5 Denial Of Service

Redhat

advisories

bugzilla

id	292831
title	CVE-2007-4897 ekiga GetHostAddress remote DoS

oval

comment Red Hat Enterprise Linux must be installed
oval oval:com.redhat.rhba:tst:20070304026

AND

comment Red Hat Enterprise Linux 5 is installed
oval oval:com.redhat.rhba:tst:20070331005

AND
comment pwlib is earlier than 0:1.10.1-7.0.1.el5
oval oval:com.redhat.rhsa:tst:20070932001
comment pwlib is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070932002
AND
comment pwlib-devel is earlier than 0:1.10.1-7.0.1.el5
oval oval:com.redhat.rhsa:tst:20070932003
comment pwlib-devel is signed with Red Hat redhatrelease key
oval oval:com.redhat.rhsa:tst:20070932004

rhsa

id	RHSA-2007:0932
released	2007-10-08
severity	Moderate
title	RHSA-2007:0932: pwlib security update (Moderate)

rpms

pwlib-0:1.10.1-7.0.1.el5
pwlib-debuginfo-0:1.10.1-7.0.1.el5
pwlib-devel-0:1.10.1-7.0.1.el5

Seebug

bulletinFamily	exploit
description	No description provided by source.
id	SSV:66737
last seen	2017-11-19
modified	2014-07-01
published	2014-07-01
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-66737
title	Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit

bulletinFamily	exploit
description	No description provided by source.
id	SSV:12761
last seen	2017-11-19
modified	2009-07-24
published	2009-07-24
reporter	Root
source	https://www.seebug.org/vuldb/ssvid-12761
title	Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

Nessus

Oval

Packetstorm

Redhat

Seebug

References