Vulnerability CVE-2007-6036


Published: 2007-11-20   Modified: 2012-02-12

Description:
The parseRTSPRequestString function in LIVE555 Media Server 2007.11.01 and earlier allows remote attackers to cause a denial of service (daemon crash) via a short RTSP query, which causes a negative number to be used during memory allocation.

Type:

CWE-20

(Improper Input Validation)

Vendor: Live555
Product: Media server 
Version: 2007.11.01;

CVSS2 => (AV:N/AC:M/Au:N/C:N/I:N/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.1/10
6.9/10
8.6/10
Exploit range
Attack complexity
Authentication
Remote
Medium
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Complete

 References:
http://aluigi.altervista.org/adv/live555x-adv.txt
http://security.gentoo.org/glsa/glsa-200803-22.xml
http://www.live555.com/liveMedia/public/changelog.txt
http://www.securityfocus.com/archive/1/483910/100/0/threaded
http://www.securityfocus.com/bid/26488
http://www.vupen.com/english/advisories/2007/3939
https://exchange.xforce.ibmcloud.com/vulnerabilities/38542

Related CVE
CVE-2019-9215
In Live555 before 2019.02.27, malformed headers lead to invalid memory access in the parseAuthorizationHeader function.
CVE-2019-7733
In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.
CVE-2019-7732
In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.
CVE-2019-7314
liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have uns...
CVE-2019-6256
A Denial of Service issue was discovered in the LIVE555 Streaming Media libraries as used in Live555 Media Server 0.93. It can cause an RTSPServer crash in handleHTTPCmd_TunnelingPOST, when RTSP-over-HTTP tunneling is supported, via x-sessioncookie H...
CVE-2018-4013
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker ...
CVE-2013-6934
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2013.11.26, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a space character at t...
CVE-2013-6933
The parseRTSPRequestString function in Live Networks Live555 Streaming Media 2011.08.13 through 2013.11.25, as used in VideoLAN VLC Media Player, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a (...

Copyright 2019, cxsecurity.com

 

Back to Top