CVE-2007-4897 - Resource Management Errors vulnerability in Ekiga 2.0.5
Attack vector | NETWORK |
Attack complexity | LOW |
Privileges required | NONE |
Confidentiality impact | NONE |
Integrity impact | NONE |
Availability impact | PARTIAL |
Summary
pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | | 1 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit. CVE-2007-4897. DoS exploit for Windows platform |
id | EDB-ID:9241 |
last seen | 2016-02-01 |
modified | 2009-07-24 |
published | 2009-07-24 |
reporter | Jose Miguel Esparza |
source | https://www.exploit-db.com/download/9241/ |
title | Ekiga 2.0.5 - GetHostAddress Remote Denial of Service Exploit |
Nessus
NASL family | Mandriva Local Security Checks |
NASL id | MANDRAKE_MDKSA-2007-206.NASL |
description | A memory management flaw was discovered in PWLib, that an attacker could use to crash an application linked with it, such as Ekiga. Updated packages have been patched to prevent these issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 27624 |
published | 2007-11-05 |
reporter | This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/27624 |
title | Mandrake Linux Security Advisory : pwlib (MDKSA-2007:206) |

NASL family | CentOS Local Security Checks |
NASL id | CENTOS_RHSA-2007-0932.NASL |
description | Updated pwlib packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PWLib is a library used to support cross-platform applications. In Red Hat Enterprise Linux 5, the Ekiga teleconferencing application uses PWLib. A memory management flaw was discovered in PWLib. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with pwlib (CVE-2007-4897). Users should upgrade to these updated packages which contain a backported patch to correct this issue. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 43653 |
published | 2010-01-06 |
reporter | This script is Copyright (C) 2010-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/43653 |
title | CentOS 5 : pwlib (CESA-2007:0932) |

NASL family | Scientific Linux Local Security Checks |
NASL id | SL_20071008_PWLIB_ON_SL5_X.NASL |
description | In Scientific Linux 5, the Ekiga teleconferencing application uses PWLib. A memory management flaw was discovered in PWLib. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with pwlib (CVE-2007-4897). |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 60265 |
published | 2012-08-01 |
reporter | This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/60265 |
title | Scientific Linux Security Update : pwlib on SL5.x i386/x86_64 |

NASL family | Red Hat Local Security Checks |
NASL id | REDHAT-RHSA-2007-0932.NASL |
description | Updated pwlib packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. PWLib is a library used to support cross-platform applications. In Red Hat Enterprise Linux 5, the Ekiga teleconferencing application uses PWLib. A memory management flaw was discovered in PWLib. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with pwlib (CVE-2007-4897). Users should upgrade to these updated packages which contain a backported patch to correct this issue. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 26953 |
published | 2007-10-09 |
reporter | This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/26953 |
title | RHEL 5 : pwlib (RHSA-2007:0932) |

NASL family | Ubuntu Local Security Checks |
NASL id | UBUNTU_USN-561-1.NASL |
description | Jose Miguel Esparza discovered that pwlib did not correctly handle large string lengths. A remote attacker could send specially crafted packets to applications linked against pwlib (e.g. Ekiga) causing them to crash, leading to a denial of service. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 29917 |
published | 2008-01-10 |
reporter | Ubuntu Security Notice (C) 2008-2019 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/29917 |
title | Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : pwlib vulnerability (USN-561-1) |
Oval
accepted | 2013-04-29T04:10:01.852-04:00 |
class | vulnerability |
contributors |
definition_extensions |
description | pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting). |
family | unix |
id | oval:org.mitre.oval:def:10928 |
status | accepted |
submitted | 2010-07-09T03:56:16-04:00 |
title | pwlib, as used by Ekiga 2.0.5 and possibly other products, allows remote attackers to cause a denial of service (application crash) via a long argument to the PString::vsprintf function, related to a "memory management flaw". NOTE: this issue was originally reported as being in the SIPURL::GetHostAddress function in Ekiga (formerly GnomeMeeting). |
version | 19 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/79578/ekiga207_dos.py.txt |
id | PACKETSTORM:79578 |
last seen | 2016-12-05 |
published | 2009-07-24 |
reporter | Jose Miguel Esparza |
source | https://packetstormsecurity.com/files/79578/Ekiga-2.0.5-Denial-Of-Service.html |
title | Ekiga 2.0.5 Denial Of Service |
Redhat
advisories |
rpms |
Seebug
bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:66737 |
last seen | 2017-11-19 |
modified | 2014-07-01 |
published | 2014-07-01 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-66737 |
title | Ekiga 2.0.5 - (GetHostAddress) Remote Denial of Service Exploit |

bulletinFamily | exploit |
description | No description provided by source. |
id | SSV:12761 |
last seen | 2017-11-19 |
modified | 2009-07-24 |
published | 2009-07-24 |
reporter | Root |
source | https://www.seebug.org/vuldb/ssvid-12761 |
title | Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit |
References
- http://blog.s21sec.com/2007/09/sobre-la-vulnerabilidad-del-ekiga.html
- http://marc.info/?l=full-disclosure&m=118959114522339&w=2
- http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sipcon.cxx?r1=2.120.2.25&r2=2.120.2.26&pathrev=v2_2_9
- http://secunia.com/advisories/27127
- http://secunia.com/advisories/27150
- http://secunia.com/advisories/27518
- http://secunia.com/advisories/28385
- http://securityreason.com/securityalert/3138
- http://www.mandriva.com/security/advisories?name=MDKSA-2007:206
- http://www.redhat.com/support/errata/RHSA-2007-0932.html
- http://www.s21sec.com/avisos/s21sec-036-en.txt
- http://www.securityfocus.com/archive/1/479185/100/0/threaded
- http://www.securityfocus.com/bid/25642
- http://www.securitytracker.com/id?1018683
- http://www.ubuntu.com/usn/usn-561-1
- https://bugzilla.redhat.com/show_bug.cgi?id=292831
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36568
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10928