Bug 883058 - (CVE-2012-5621) CVE-2012-5621 ekiga: DoS (crash) after receiving call from other party with not UTF-8 valid name
CVE-2012-5621 ekiga: DoS (crash) after receiving call from other party with n...
Status: CLOSED CURRENTRELEASE
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Red Hat Product Security
impact=moderate,public=20110620,repor...
: Security
Depends On: 883063
Blocks: 883070
  Show dependency treegraph
 
Reported: 2012-12-03 12:25 EST by Jan Lieskovsky
Modified: 2015-07-31 06:43 EDT (History)
4 users (show)

See Also:
Fixed In Version: Ekiga 4.0.0
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-03-04 11:45:58 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jan Lieskovsky 2012-12-03 12:25:43 EST
A denial of service flaw was found in the way Ekiga, a Gnome based SIP/H323 teleconferencing application, processed information from certain OPAL connections (UTF-8 strings were not verified for validity prior showing them). A remote attacker (other party with a not UTF-8 valid name) could use this flaw to cause ekiga executable crash.

Upstream bug report:
[1] https://bugzilla.gnome.org/show_bug.cgi?id=653009

Relevant upstream patch:
[2] http://git.gnome.org/browse/ekiga/commit/?id=7d09807257

References:
[3] http://ftp.gnome.org/pub/gnome/sources/ekiga/4.0/ekiga-4.0.0.news
Comment 1 Jan Lieskovsky 2012-12-03 12:29:29 EST
This issue did NOT affect the version of the ekiga package, as shipped with Red Hat Enterprise Linux 5.

--

This issue affects the version of the ekiga package, as shipped with Red Hat Enterprise Linux 6.

--

This issue affects the version of the ekiga package, as shipped with Fedora release of 16. Please schedule an update.

--

This issue affects the version of the ekiga package, as shipped with Fedora release of 17 (current version in -stable repository). Version ekiga-4.0.0-1.fc17 already available from the -testing repository is not vulnerable to this issue.
Comment 2 Jan Lieskovsky 2012-12-03 12:30:49 EST
Created ekiga tracking bugs for this issue

Affects: fedora-16 [bug 883063]
Comment 3 Jan Lieskovsky 2012-12-03 12:37:51 EST
CVE Request:
  http://www.openwall.com/lists/oss-security/2012/12/03/5
Comment 4 Jan Lieskovsky 2012-12-04 05:49:09 EST
The CVE identifier of CVE-2012-5621 has been assigned to this issue:
  http://www.openwall.com/lists/oss-security/2012/12/04/3
Comment 5 Huzaifa S. Sidhpurwala 2012-12-06 03:17:41 EST
Statement:

This issue does not affect the version of ekiga as shipped with Red Hat Enterprise Linux 5. This issue affects the version of ekiga as shipped with Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this issue as having moderate security impact, a future update may address this flaw.
Comment 6 Peter Robinson 2013-01-10 02:31:34 EST
Are we sure that 4.0.0 isn't vulnerable?

This is the fix in trunk:

http://opalvoip.svn.sourceforge.net/viewvc/opalvoip?view=revision&revision=28824

And updated sample code:

http://opalvoip.svn.sourceforge.net/viewvc/opalvoip/ptlib/trunk/samples/pxml/main.cxx?revision=28826&view=markup
Comment 7 Fedora Update System 2013-03-03 17:34:07 EST
ptlib-2.10.10-1.fc18, opal-3.10.10-1.fc18, ekiga-4.0.1-1.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 8 Fedora Update System 2013-03-03 17:40:11 EST
ptlib-2.10.10-1.fc17, opal-3.10.10-1.fc17, ekiga-4.0.1-1.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.