liveMedia -- DoS vulnerability

ID 821AFAA2-9E9A-11DC-A7E3-0016360406FA
Type freebsd
Reporter FreeBSD
Modified 2007-12-09T00:00:00


The live555 development team reports:

Fixed a bounds-checking error in "parseRTSPRequestString()" caused by an int vs. unsigned problem.

The function which handles the incoming queries from the clients is affected by a vulnerability which allows an attacker to crash the server remotely using the smallest RTSP query possible to use.