Oreka Crafted RTP Packet Sequence Remote DoS

2006-02-18T06:15:16
ID OSVDB:23300
Type osvdb
Reporter OSVDB
Modified 2006-02-18T06:15:16

Description

Vulnerability Description

Oreka contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious sequence of RTP packets is received, and will result in loss of availability for the service.

Solution Description

Upgrade to version 0.5 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Oreka contains a flaw that may allow a remote denial of service. The issue is triggered when a malicious sequence of RTP packets is received, and will result in loss of availability for the service.

References:

Vendor URL: http://oreka.sourceforge.net/ Mail List Post: http://archives.neohapsis.com/archives/apps/freshmeat/2006-02/0017.html FrSIRT Advisory: ADV-2006-0812 CVE-2006-0912 Bugtraq ID: 16937