Lucene search
Gentoo FoundationGLSA-200703-25HistoryMar 29, 2007 - 12:00 a.m.
Ekiga: Format string vulnerability
2007-03-2900:00:00
Gentoo Foundation
security.gentoo.org
8
0.013 Low
EPSS
Percentile
85.8%
Background
Ekiga is an open source VoIP and video conferencing application.
Description
Mu Security has discovered that Ekiga fails to implement formatted printing correctly.
Impact
An attacker could exploit this vulnerability to crash Ekiga and potentially execute arbitrary code by sending a specially crafted Q.931 SETUP packet to a victim.
Workaround
There is no known workaround at this time.
Resolution
All Ekiga users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-voip/ekiga-2.0.7"
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Gentoo | any | all | net-voip/ekiga | < 2.0.7 | UNKNOWN |
Related
cvelist
cvelist
CVE-2007-1006
2007-02-20 00:00:00
CVE-2007-0999
2007-03-10 19:00:00
ubuntucve
ubuntucve
CVE-2007-1006
2007-02-20 00:00:00
CVE-2007-0999
2007-03-10 00:00:00
debiancve
debiancve
CVE-2007-1006
2007-02-20 01:28:00
CVE-2007-0999
2007-03-10 19:19:00
nessus
nessus
Fedora Core 6 : ekiga-2.0.5-2.fc6 (2007-263)
2007-02-23 00:00:00
GLSA-200703-25 : Ekiga: Format string vulnerability
2007-04-05 00:00:00
openSUSE 10 Security Update : ekiga (ekiga-3023)
2007-10-17 00:00:00
openvas
openvas
Mandriva Update for ekiga MDKSA-2007:044 (ekiga)
2009-04-09 00:00:00
Gentoo Security Advisory GLSA 200703-25 (ekiga)
2008-09-24 00:00:00
Gentoo Security Advisory GLSA 200703-25 (ekiga)
2008-09-24 00:00:00
cve
cve
CVE-2007-1006
2007-02-20 01:28:00
prion
prion
Format string
2007-02-20 01:28:00
Format string
2007-03-10 19:19:00
redhat
redhat
(RHSA-2007:0087) Critical: ekiga security update
2007-03-13 00:00:00
securityvulns
securityvulns
gnomemeeting / ekiga format string vulnerability
2007-02-21 00:00:00