20 matches found
EUVD-2007-6593
Malware in sbrugna...
EUVD-2007-6591
Malware in sbrugna...
EUVD-2007-6594
Malware in sbrugna...
Input validation
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...
Buffer overflow
Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via 1 a reply that begins with a long version string, which triggers an overflow in handlertsppkt in rtsphandlers.c; long headers that trigger overflows in 2 sendpauserequest, 3...
CVE-2007-6628
LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via 1 a malformed Transport header, which triggers misparsing in parsetransportheader in RTSPsetup.c, as demonstrated by a Transport header that contains only a...
CVE-2007-6626
Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...
CVE-2007-6631
Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via 1 a reply that begins with a long version string, which triggers an overflow in handlertsppkt in rtsphandlers.c; long headers that trigger overflows in 2 sendpauserequest, 3...
Cross site request forgery (csrf)
The Urlinit function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service NULL dereference and daemon crash via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request...
Buffer overflow
Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...
CVE-2007-6627
Integer overflow in the RTSPremovemsg function in RTSPlowlevel.c in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via an RTP packet with a size value of 0xffff...
CVE-2007-6629
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...
CVE-2007-6626
Multiple buffer overflows in the RTSPvalidresponsemsg function in RTSPstatemachine.c in LScube Feng 0.1.15 and earlier allow remote attackers to execute arbitrary code via 1 a long first line of a response, as demonstrated by a long VER line; or 2 a long second line of a response, as demonstrated...
CVE-2007-6628
LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via 1 a malformed Transport header, which triggers misparsing in parsetransportheader in RTSPsetup.c, as demonstrated by a Transport header that contains only a...
CVE-2007-6628
CVE-2007-6628 affects LScube Feng 0.1.15 and earlier. The issue allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via two malformed headers: (1) Transport header triggering misparsing in RTSP_setup.c’s parse_transport_header (example: a header containing onl...
CVE-2007-6629
Interpretation conflict in LScube Feng 0.1.15 and earlier allows remote attackers to cause a denial of service NULL dereference and daemon crash via a User-Agent header line that contains a carriage-return character, which is considered a line delimiter when the header is split into individual...
CVE-2007-6629
The CVE-2007-6629 entry concerns LScube Feng 0.1.15 and earlier, where an interpretation conflict in a User-Agent line containing a carriage-return character can trigger a NULL dereference and daemon crash, causing a denial of service. The issue arises because the line-delimiter handling differs ...
CVE-2007-6631
Multiple buffer overflows in LScube libnemesi 0.6.4-rc1 and earlier allow remote attackers to execute arbitrary code via 1 a reply that begins with a long version string, which triggers an overflow in handlertsppkt in rtsphandlers.c; long headers that trigger overflows in 2 sendpauserequest, 3...
CVE-2007-6631
CVE-2007-6631 describes multiple buffer overflows in the LScube libnemesi 0.6.4-rc1 and earlier. The vulnerability allows remote code execution via crafted RTSP traffic, including: a reply beginning with a long version string that overflows handle_rtsp_pkt in rtsp_handlers.c; excessively long hea...
CVE-2007-6626
CVE-2007-6626 describes multiple buffer overflows in the RTSP_valid_response_msg function of RTSP_state_machine.c in LScube Feng 0.1.15 and earlier, enabling remote attackers to execute arbitrary code via (1) an excessively long first line of a response (VER line) or (2) an excessively long secon...