[UPH-07-02] Firefly Media Server DoS

UPH-07-02 UnprotectedHex.com security advisory 07-02 Discovered by nnp Discovered : 1 August 2007 Reported to the vendor : 13 October 2007 Fixed by vendor : 21 October 2007 Vulnerability class : Remote DoS Affected product : mt-dappd/Firefly Media Server Version : = 0.2.4 Product details:...

Null pointer dereference

The kadm5modifypolicyinternal function in lib/kadm5/srv/svrpolicy.c in the Kerberos administration daemon kadmind in MIT Kerberos 5 krb5 1.5 through 1.6.2 does not properly check return values when the policy does not exist, which might allow remote authenticated users with the "modify policy"...

CVE-2007-3763

The IAX2 channel driver chaniax2 in Asterisk before 1.2.22 and 1.4.x before 1.4.8, Business Edition before B.2.2.1, AsteriskNOW before beta7, Appliance Developer Kit before 0.5.0, and s800i before 1.0.2 allows remote attackers to cause a denial of service crash via a crafted 1 LAGRQ or 2 LAGRP...