Integer overflow in the RTSP_remove_msg function in RTSP_lowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an RTP packet with a size value of 0xffff.
Feng is prone to multiple remote buffer-overflow and denial-of-service vulnerabilities. Successfully exploiting these issues allows remote attackers to execute arbitrary code in the context of the server application. Attackers may also crash the application, denying service to legitimate users. Feng 0.1.15 is vulnerable to these issues; other versions may also be affected.
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: email@example.com.
The following proof-of-concept code is available: /data/vulnerabilities/exploits/fengulo.zip
| Date | CVE | Title | Severity |
|---|---|---|---|
| 2008-01-04 | CVE-2007-6626 | Buffer Errors vulnerability in Feng 0.1.15 | High |
| 2008-01-04 | CVE-2007-6630 | Feng Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities | Medium |
| 2008-01-04 | CVE-2007-6628 | Feng Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities | Medium |
| 2008-01-04 | CVE-2007-6629 | Feng Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities | Medium |