|
|
CVE Reference: CVE-2007-6628 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-6628 |
|
|
Description: LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via (1) a malformed Transport header, which triggers misparsing in parse_transport_header in RTSP_setup.c, as demonstrated by a Transport header that contains only a "RTP/AVP;unicast;client_port" sequence; or (2) a malformed Range header, which triggers misparsing in parse_play_time_range in RTSP_Play, as demonstrated by an empty Range header. |
|
|
CVE Status: Candidate |
|
|
References: SREASON http://securityreason.com/securityalert/3507 SAID Secunia Advisory: SA28229 OSVDB 40534 40535 MISC http://aluigi.org/poc/fengulo.zip http://aluigi.altervista.org/adv/fengulo-adv.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/485574/100/0/threaded BID 27049 |
|
| Return to the previous page. |
