Vulnerabilities > CVE-2007-6630 - Remote Buffer Overflow and Denial of Service vulnerability in Feng
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
PARTIAL Summary
The Url_init function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request.
Exploit-Db
description | Feng 0.1.15 Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities. CVE-2007-6630. Remote exploits for multiple platform |
id | EDB-ID:30944 |
last seen | 2016-02-03 |
modified | 2007-12-27 |
published | 2007-12-27 |
reporter | Luigi Auriemma |
source | https://www.exploit-db.com/download/30944/ |
title | Feng 0.1.15 - Multiple Remote Buffer Overflow and Denial of Service Vulnerabilities |
References
- http://aluigi.altervista.org/adv/fengulo-adv.txt
- http://aluigi.org/poc/fengulo.zip
- http://osvdb.org/40158
- http://secunia.com/advisories/28253
- http://securityreason.com/securityalert/3507
- http://www.securityfocus.com/archive/1/485574/100/0/threaded
- http://www.securityfocus.com/bid/27049
- http://www.vupen.com/english/advisories/2008/0012