Common Vulnerabilities and Exposures assigned an identifier CVE-2007-6630 to the following vulnerability: The Url_init function in utils/url.c in Netembryo 0.0.4, when used by LScube Feng, allows remote attackers to cause a denial of service (NULL dereference and daemon crash) via a malformed URI containing a "/:" sequence, as demonstrated by a "DESCRIBE /: RTSP/1.0" request. References: Reference: BUGTRAQ:20071227 Multiple vulnerabilities in Feng 0.1.15 Reference: URL:http://www.securityfocus.com/archive/1/archive/1/485574/100/0/threaded Reference: MISC:http://aluigi.altervista.org/adv/fengulo-adv.txt Reference: MISC:http://aluigi.org/poc/fengulo.zip Reference: BID:27049 Reference: URL:http://www.securityfocus.com/bid/27049
Please update netembryon in rawhide, if the vector is pertinent for intended use of netembryo.
Already fixed in rawhide. F-8 and F-7 builds are in updates-testing.
Fixed long ago across the board.