Executive Summary
| Summary | |
|---|---|
| Title | Updated opal packages fix vulnerability |
| Informations | |||
|---|---|---|---|
| Name | MDKSA-2007:205 | First vendor Publication | 2007-11-02 |
| Vendor | Mandriva | Last vendor Modification | 2007-11-02 |
| Severity (Vendor) | N/A | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:L/Au:N/C:N/I:N/A:P) | |||
|---|---|---|---|
| Cvss Base Score | 5 | Attack Range | Network |
| Cvss Impact Score | 2.9 | Attack Complexity | Low |
| Cvss Expoit Score | 10 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| A flaw in opal, the Open Phone Abstraction Library, was found in how it handles certain Session Initiation Protocol (SIP) packets. An attacker could use this vulnerability to crash an application linked to opal, such as Ekiga. Updated packages have been patched to prevent these issues. |
Original Source
| Url : http://www.mandriva.com/security/advisories?name=MDKSA-2007:205 |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:11398 | |||
| Oval ID: | oval:org.mitre.oval:def:11398 | ||
| Title: | The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address." | ||
| Description: | The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address." | ||
| Family: | unix | Class: | vulnerability |
| Reference(s): | CVE-2007-4924 | Version: | 5 |
| Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:17309 | |||
| Oval ID: | oval:org.mitre.oval:def:17309 | ||
| Title: | USN-562-1 -- opal vulnerability | ||
| Description: | Jose Miguel Esparza discovered that certain SIP headers were not correctly validated. | ||
| Family: | unix | Class: | patch |
| Reference(s): | USN-562-1 CVE-2007-4924 | Version: | 7 |
| Platform(s): | Ubuntu 6.06 Ubuntu 6.10 Ubuntu 7.04 | Product(s): | opal |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:21836 | |||
| Oval ID: | oval:org.mitre.oval:def:21836 | ||
| Title: | ELSA-2007:0957: opal security update (Moderate) | ||
| Description: | The Open Phone Abstraction Library (opal), as used by (1) Ekiga before 2.0.10 and (2) OpenH323 before 2.2.4, allows remote attackers to cause a denial of service (crash) via an invalid Content-Length header field in Session Initiation Protocol (SIP) packets, which causes a \0 byte to be written to an "attacker-controlled address." | ||
| Family: | unix | Class: | patch |
| Reference(s): | ELSA-2007:0957-01 CVE-2007-4924 | Version: | 6 |
| Platform(s): | Oracle Linux 5 | Product(s): | opal |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 3 |
ExploitDB Exploits
| id | Description |
|---|---|
| 2009-07-24 | OpenH323 Opal SIP Protocol Remote Denial of Service Exploit |
OpenVAS Exploits
| Date | Description |
|---|---|
| 2009-04-09 | Name : Mandriva Update for opal MDKSA-2007:205 (opal) File : nvt/gb_mandriva_MDKSA_2007_205.nasl |
| 2009-03-23 | Name : Ubuntu Update for opal vulnerability USN-562-1 File : nvt/gb_ubuntu_USN_562_1.nasl |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 41637 | Open Phone Abstraction Library (opal) SIP Packet Malformed Content-Length Hea... |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20071008_opal_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
| 2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2007-0957.nasl - Type : ACT_GATHER_INFO |
| 2008-01-10 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-562-1.nasl - Type : ACT_GATHER_INFO |
| 2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_opal-4519.nasl - Type : ACT_GATHER_INFO |
| 2007-11-05 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2007-205.nasl - Type : ACT_GATHER_INFO |
| 2007-10-24 | Name : The remote openSUSE host is missing a security update. File : suse_opal-4531.nasl - Type : ACT_GATHER_INFO |
| 2007-10-09 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2007-0957.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:38:57 |
|
