Bug#453283: CVE-2007-6103: remote DoS

To: Steffen Joeris <steffen.joeris@skolelinux.de>
Cc: 453283@bugs.debian.org, team@security.debian.org
Subject: Bug#453283: CVE-2007-6103: remote DoS
From: Moritz Muehlenhoff <jmm@inutil.org>
Date: Wed, 28 Nov 2007 23:47:24 +0100
Message-id: <[🔎] 20071128224724.GA5660@galadriel.inutil.org>
Reply-to: Moritz Muehlenhoff <jmm@inutil.org>, 453283@bugs.debian.org
In-reply-to: <20071128100006.7080.41072.reportbug@hannah.debian.org>
References: <20071128100006.7080.41072.reportbug@hannah.debian.org>

Steffen Joeris wrote:
> CVE-2007-6103: 
> 
> I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a
> denial of service (infinite loop) via a packet that contains zero in the
> size field in its header, which is improperly handled by the
> Receiver::processPacket function; and (2) a denial of service (daemon
> crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does
> not specify the mode, which is improperly handled by the Player::ring
> function in Player.cpp.
> 
> When you fix this, please mention the CVE id in your changelog.
> Thanks for your efforts.

I'm not convinced that this is more than a regular bug: ihu is

| Description: Qt VoIP softphone with an own, encrypted protocol
| IHU creates an audio stream between two computers easily and with the minimal
| traffic on the network.

Performing the "attack" described above is effectively a creative way to
hang up. We wouldn't call hanging up remote DoS either...

Cheers,
        Moritz

Reply to:

Prev by Date: Bug#453283: CVE-2007-6061: possible symlink attack
Next by Date: Processed: lower severity
Previous by thread: Bug#453283: CVE-2007-6061: possible symlink attack
Next by thread: Processed: lower severity
Index(es):
- Date
- Thread