EUVD-2013-2175

Malware in sbrugna...

SUSE CVE-2013-2222

Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted ZRTP Hello packet to the 1 ZRtp::findBestSASType, 2 ZRtp::findBestAuthLen, 3 ZRtp::findBestCipher, 4 ZRtp::findBestHash, or...

Gentoo Security Advisory GLSA 201309-13

Gentoo Linux Local Security Checks GLSA 201309-13 SPDX-FileCopyrightText: 2015 Eero Volotinen Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later ifdescription...

Signal — Open Source iPhone App to Make Free End-to-End Encrypted Voice Calls

Good News for Privacy Lovers!! An open source software group Open Whisper Systems has released the first free and Open Source phone call application for iPhone users, which is specifically designed to make secure and encrypted calls. When we talk about the privacy of our messages and voice calls,...

New Signal App Brings Encrypted Calling to iPhone

iPhone users concerned about government surveillance efforts putting unencrypted calls at risk now have a free app at their disposal that brings secure communication to the Apple phone. Open WhisperSystems, developers of RedPhone for Android, have developed a similar app for iPhone called Signal,...

PhonerLite 2.14 SIP Soft Phone - SIP Digest Disclosure

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 I. Advisory Summary Title: SIP Digest Leak Information Disclosure in PhonerLite 2.14 SIP Soft Phone Date Published: March 30, 2014 Vendors contacted: Heiko Sommerfeldt, PhonerLite author Discovered by: Jason Ostrom Severity: Medium II. Vulnerability...

CVE-2013-2221

Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large packet...

CVE-2013-2222

Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted ZRTP Hello packet to the 1 ZRtp::findBestSASType, 2 ZRtp::findBestAuthLen, 3 ZRtp::findBestCipher, 4 ZRtp::findBestHash, or...

UBUNTU-CVE-2013-2221

Heap-based buffer overflow in the ZRtp::storeMsgTemp function in GNU ZRTPCPP before 3.2.0 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a large packet...

UBUNTU-CVE-2013-2222

Multiple stack-based buffer overflows in GNU ZRTPCPP before 3.2.0 allow remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted ZRTP Hello packet to the 1 ZRtp::findBestSASType, 2 ZRtp::findBestAuthLen, 3 ZRtp::findBestCipher, 4 ZRtp::findBestHash, or...

GNU ZRTP: Multiple vulnerabilities

Background GNU ZRTP is a C++ implementation of the ZRTP protocol. Description Multiple vulnerabilities have been discovered in GNU ZRTP. Please review the CVE identifiers referenced below for details. Impact A remote attacker could possibly execute arbitrary code with the privileges of the proces...

Fedora Update for libzrtpcpp FEDORA-2013-12479

Check for the Version of libzrtpcpp OpenVAS Vulnerability Test Fedora Update for libzrtpcpp FEDORA-2013-12479 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for libzrtpcpp FEDORA-2013-13019

Check for the Version of libzrtpcpp OpenVAS Vulnerability Test Fedora Update for libzrtpcpp FEDORA-2013-13019 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

Fedora Update for libzrtpcpp FEDORA-2013-13018

Check for the Version of libzrtpcpp OpenVAS Vulnerability Test Fedora Update for libzrtpcpp FEDORA-2013-13018 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...

[SECURITY] Fedora 17 Update: libzrtpcpp-2.3.4-1.fc17

This package provides a library that adds ZRTP support to the GNU ccRTP stack. Phil Zimmermann developed ZRTP to allow ad-hoc, easy to use key negotiation to setup Secure RTP SRTP sessions. GNU ZRTP together with GNU ccRTP 1.5.0 or later provides a ZRTP implementation that can be directly embedde...

[SECURITY] Fedora 18 Update: libzrtpcpp-2.3.4-1.fc18

This package provides a library that adds ZRTP support to the GNU ccRTP stack. Phil Zimmermann developed ZRTP to allow ad-hoc, easy to use key negotiation to setup Secure RTP SRTP sessions. GNU ZRTP together with GNU ccRTP 1.5.0 or later provides a ZRTP implementation that can be directly embedde...

[SECURITY] Fedora 19 Update: libzrtpcpp-2.3.4-1.fc19

This package provides a library that adds ZRTP support to the GNU ccRTP stack. Phil Zimmermann developed ZRTP to allow ad-hoc, easy to use key negotiation to setup Secure RTP SRTP sessions. GNU ZRTP together with GNU ccRTP 1.5.0 or later provides a ZRTP implementation that can be directly embedde...

libzrtpcpp -- multiple security vulnerabilities

Mark Dowd reports: Vulnerability 1. Remote Heap Overflow: If an attacker sends a packet larger than 1024 bytes that gets stored temporarily which occurs many times - such as when sending a ZRTP Hello packet, a heap overflow will occur, leading to potential arbitrary code execution on the vulnerab...

Phil Zimmermann Returns With Silent Circle Voice and Data Privacy

If you use encryption products to protect your data or communications, you owe a debt of gratitude to Phil Zimmermann. Now, Zimmermann is aiming to collect on that debt with his new company, Silent Circle, a startup that will provide secure phone, email and SMS communications. Zimmermann has been...