
Bug#453283: CVE-2007-6103: remote DoS



Hi,
* Moritz Muehlenhoff <jmm@inutil.org> [2007-11-29 00:12]:
> Steffen Joeris wrote:
> > CVE-2007-6103: 
> > 
> > I Hear U (IHU) 0.5.6 and earlier allows remote attackers to cause (1) a
> > denial of service (infinite loop) via a packet that contains zero in the
> > size field in its header, which is improperly handled by the
> > Receiver::processPacket function; and (2) a denial of service (daemon
> > crash) via an (a) IHU_INFO_INIT or a (b) IHU_INFO_RING packet that does
> > not specify the mode, which is improperly handled by the Player::ring
> > function in Player.cpp.
> > 
> > When you fix this, please mention the CVE id in your changelog.
> > Thanks for your efforts.
> 
> I'm not convinced that this is more than a regular bug: ihu is
> 
> | Description: Qt VoIP softphone with an own, encrypted protocol
> | IHU creates an audio stream between two computers easily and with the minimal
> | traffic on the network.
> 
> Performing the "attack" described above is effectively a creative way to
> hang up. We wouldn't call hanging up remote DoS either...

This seems to be for #453280 :)
Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
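
The two conditions in the quoted CVE text (a zero size field that stalls the receive loop, and a ring packet with no mode), shown as an added example that is not part of the original mail or IHU's code. The 3-byte header layout, the type value and all function names are assumptions for illustration only.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// Hypothetical framing (NOT IHU's real wire format): each packet is
// [type:1][size:2, big-endian, total length incl. header][payload].
constexpr std::size_t kHeaderLen = 3;
constexpr std::uint8_t kTypeRing = 0x02;  // assumed: payload must carry a 1-byte mode
enum class ParseResult { Ok, Truncated, BadSize, MissingMode };

// Naive loop: trusts the size field. With size == 0 the offset never
// advances; max_steps exists only so this demonstration terminates.
bool naive_parse_stalls(const std::vector<std::uint8_t>& buf, int max_steps = 1000) {
    std::size_t off = 0;
    int steps = 0;
    while (off + kHeaderLen <= buf.size()) {
        std::size_t size = (std::size_t(buf[off + 1]) << 8) | buf[off + 2];
        off += size;  // size == 0 -> no progress
        if (++steps >= max_steps) return true;
    }
    return false;
}

// Hardened loop: every iteration must consume at least one full header.
ParseResult parse_stream(const std::vector<std::uint8_t>& buf, std::size_t& packets) {
    std::size_t off = 0;
    packets = 0;
    while (off < buf.size()) {
        if (buf.size() - off < kHeaderLen) return ParseResult::Truncated;
        std::size_t size = (std::size_t(buf[off + 1]) << 8) | buf[off + 2];
        if (size < kHeaderLen) return ParseResult::BadSize;  // covers size == 0
        if (size > buf.size() - off) return ParseResult::Truncated;
        if (buf[off] == kTypeRing && size == kHeaderLen) return ParseResult::MissingMode;
        ++packets;
        off += size;
    }
    return ParseResult::Ok;
}

int main() {
    // Constructed sample: one packet whose size field is zero.
    std::vector<std::uint8_t> zero_size = {0x01, 0x00, 0x00, 0xAA};
    std::size_t n = 0;
    bool ok = naive_parse_stalls(zero_size) &&
              parse_stream(zero_size, n) == ParseResult::BadSize;
    return ok ? 0 : 1;
}
```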
