Due to poor memory allocation management, Ekiga versions 2.0.5 and below are susceptible to a denial of service condition.
f96123da6a4fdf8c6cf9e4c413f57a25dee873f75f0e9569dcef9eb45344294d
Ekiga GetHostAddress remote denial of service exploit.
7d1d7087dcd522d63e3e4a08b0c680f36f2c28abc0cc5cef8a179d383398b97f
Ubuntu Security Notice 562-1 - Jose Miguel Esparza discovered that certain SIP headers were not correctly validated. A remote attacker could send a specially crafted packet to an application linked against opal (e.g. Ekiga) causing it to crash, leading to a denial of service.
0bae0510745e2d4cc1e920612d25832120f26ff1cd4e53a774b165a882277ed1
Ubuntu Security Notice 561-1 - Jose Miguel Esparza discovered that pwlib did not correctly handle large string lengths. A remote attacker could send specially crafted packets to applications linked against pwlib (e.g. Ekiga) causing them to crash, leading to a denial of service.
52e265988f2840d09d20942061a4e0e7c5807c23b28fec9e912ec1f3f55eedbc
Mandriva Linux Security Advisory - A memory management flaw was discovered in PWLib, that an attacker could use to crash an application linked with it, such as Ekiga.
3f007f8bc04dd1f3ff6d6688b38f27837784062741bff85a6a37ed5b7d2fc187
Mandriva Linux Security Advisory - A flaw in opal, the Open Phone Abstraction Library, was found in how it handles certain Session Initiation Protocol (SIP) packets. An attacker could use this vulnerability to crash an application linked to opal, such as Ekiga.
850f35b9bd001ea6547bb8c871600fc04e5221c92b9fff7729720a2c3eabb963
OPAL versions 2.2.8 and below and Ekiga versions 2.0.9 and below suffer from a denial of service condition due to insufficiently validating the Content-Length field of a SIP request.
4d364df06d8fbbc07a007d1e0a7b5b491550f9b20da4c09aa796e46c096883f4
Secunia Security Advisory - A vulnerability has been reported in Ekiga, which can potentially be exploited by malicious people to compromise an vulnerable system.
417f336b354657c8e1df9af543d78b3409d1cff19bed589346348f878e262627
Gentoo Linux Security Advisory GLSA 200703-25 - Mu Security has discovered that Ekiga fails to implement formatted printing correctly. Versions less than 2.0.7 are affected.
ebfbe3ad37e4cec53357ffaa0a9754510f08a3a4405f3ba9de36ad8d6167c2fe
Secunia Security Advisory - Gentoo has issued an update for ekiga. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system.
d0c6a8b559f88c80c43e6bfb9cbd6c80cb4be598ed17d7a449de941751645600
Mandriva Linux Security Advisory - A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga. This is similar to the previous CVE-2007-1006, but the original evaluation/patches were incomplete.
74059760ca396ac9aaacb0f5ccd2643fd0c6b428319aa2208dfe6b636aa57456
Ubuntu Security Notice 434-1 - It was discovered that Ekiga had format string vulnerabilities beyond those fixed in USN-426-1. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges.
4bb663bcca02745bd937d2b0350fc4948fe9be30a4b471dbc9b3fe104805a094
Secunia Security Advisory - Debian has issued an update for gnomemeeting and ekiga. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a user's system.
c9c7a2d88983580cdcb90174fc92ba846b47ece0d6f69430cbe6be0ff2c39c18
Ubuntu Security Notice 426-1 - Mu Security discovered a format string vulnerability in Ekiga. If a user was running Ekiga and listening for incoming calls, a remote attacker could send a crafted call request, and execute arbitrary code with the user's privileges.
a2bd833851d5b49599235e19bbdcfe3342dbf5172b8b1585051a91ff93865253
Mandriva Security Advisory - A format string flaw was discovered in how ekiga processes certain messages, which could permit a remote attacker that can connect to ekiga to potentially execute arbitrary code with the privileges of the user running ekiga.
26d6aaa78c29000b479ee56a732674724a936148245f9bba06b92706812a7728
Secunia Security Advisory - Fedora has issued an update for ekiga. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
609e6bfa95568a0646aa8ab180e31e0e5087618b7a44e42bfe2def3f285c8018
Secunia Security Advisory - Mandriva has issued an update for ekiga. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system.
d8619f88baa31c58efe61214a919101e1b43045d6a71f2882e373f7408aea810
Secunia Security Advisory - Ubuntu has issued an update for ekiga and gnomemeeting. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system.
de7c70b99a90c547ec558671c1ef69737f85f3551cea622999b48bd36ce7e4b0
Secunia Security Advisory - A vulnerability has been reported in Ekiga, which potentially can be exploited by malicious people to compromise a user's system.
90d38e41f26f6c52dbab086962c39df95ba4581f24dad47833185be58db5169a
SunOS 4.1.X exploit for selection_svc hole.
f881f73b40342fc49293188abb3258b0a0aa27b3d54d0326bc389077c534e7ef
Subject HP Aserver Date 01-Jan-2000
354f17770e368ce57ecef520cc687a565e433f1f41b63a2486fa5194539d7bb3
S-00-01.htm
06d3510cefcebf4fd49f0a1aa7d0ec4c01ee0fb8ff53eb451c672a4b42743f6b
Subject Denial of Service mit Stacheldraht Date 04-Jan-2000
911a651da0b891df94689db1cf06a27fe11a938d11f9bab3b7d812c1f7564a90
S-00-02.htm
c5526e20dd087f27af5edfdcd78e9e4a08a9fc240c8cceb6638b56ea446643d8
Subject Buffer overflow Miscrosoft MCIS mail server Date 05-Jan-2000
656cd2165da07cbfdb61569dbd725c2eb739fd1de2eed991b04656a49a41270b
S-00-03.htm
40b09d95cf0eb4c1451ad648d84c475962494c541e3228f35296a85e7def670c